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About This Guide 


This guide describes how to install, upgrade, and update Novell® Open Enterprise Server (OES) 2 
SP2 Linux. Except where specifically stated, the content of this guide applies to installing OES ona 
computer’s physical hardware rather than on a Xen* virtual machine host server. 

* “What's New in the OES 2 Install” on page 13 

+ “Preparing to Install OES 2 SP2” on page 15 

+ “Installing OES 2 SP2” on page 39 

+ “Tnstalling/Configuring OES 2 SP2 on an Existing Server” on page 107 

* “Upgrading to OES 2 SP2” on page 113 

* “Completing OES Installation or Upgrade Tasks” on page 145 

+ “Updating (Patching) an OES 2 SP2 Server” on page 149 

* “Using AutoYaST to Install and Configure Multiple OES Servers” on page 169 

+ “Installing OES as a Xen VM Host Server” on page 177 

+ “Installing, Upgrading, or Updating OES on a Xen-based VM” on page 179 

+ “Installing and Managing NetWare on a Xen-based VM” on page 193 

+ “Upgrading NetWare on a Xen-based VM” on page 207 

* “Disabling OES 2 Services” on page 209 

* “Security Considerations” on page 211 

+ “Installing with EVMS as the Volume Manager of the System Device” on page 213 

+ “OES 2 SP2 File and Data Locations” on page 223 

¢ “Setting Up an Installation Source on NetWare” on page 225 


Audience 


This guide is intended for system administrators. 


Feedback 


We want to hear your comments and suggestions about this manual and the other documentation 
included with this product. Please use the User Comments feature at the bottom of each page of the 
online documentation, or go to www.novell.com/documentation/feedback.html and enter your 
comments there. 


Documentation Updates 


The latest version of the OES 2 SP2: Installation Guide is available at the Open Enterprise Server 2 
documentation Web site (http://www.novell.com/documentation/oes2/inst_oes_1x/data/front.html). 
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Additional Documentation 


Table 1 Additional Documentation References 


For more information about See 


Planning and implementing OES 2 SP2 OES 2 SP2: Planning and Implementation Guide 





Migration from and coexistence with other products “Different Migration Tools” in the OES 2 SP2: 
Migration Tool Administration Guide 





Installing OES 2 SP2 on a Xen Virtual Host Server Chapter 10, “Installing, Upgrading, or Updating 
OES on a Xen-based VM,” on page 179 





SLES 10 Installation and Administration details SUSE® LINUX Enterprise Server 10 Installation 
and Administration Guide (http://www.novell.com/ 
documentation/sles10/book_sle_reference/data/ 
book_sle_reference.html) 


Documentation Conventions 


In this documentation, a greater-than symbol (>) is used to separate actions within a step and items 
within a cross-reference path. 


A trademark symbol a TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party 
trademark. 


When a single pathname can be written with a backslash for some platforms, or a forward slash for 
other platforms, the pathname is presented with a forward slash to reflect the Linux convention. 
Users of platforms that require a backslash, such as Linux* or UNIX*, should use backslashes as 
required by the software. 
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What's New in the OES 2 Install 


This section summarizes the features that have been updated with each release of Novell® Open 
Enterprise Server (OES) 2 Linux. 


* Section 1.1, “What’s New in the OES 2 SP2 Install,” on page 13 
¢ Section 1.2, “What’s New in the OES 2 SP1 Install,” on page 13 
* Section 1.3, “What’s New in the OES 2 Install,” on page 14 


1.1 What's New in the OES 2 SP2 Install 


The following features were added or modified from the SPI release installation: 
Table 1-1 OES 2 SP2 Release 


Functionality For More Information About 


Create an EVMS Based Proposal In the YaST install, an option is available to 
automatically create an EVMS based proposal for 
the system device. See Section A.2, “Configuring 
the System Device to Use EVMS,” on page 214. 





Upgrade through the Patch Channel You can now upgrade an OES 2 SP1 server to OES 
2 SP2 through the update (patch) channel. See 
Section 5.4.5, “Upgrading Using the Patch Channel 
(Online),” on page 122. 


1.2 What’s New in the OES 2 SP1 Install 
The following features were added or modified from the initial release installation: 
Table 1-2 OES 2 SP2 Release 


Functionality For More Information About 


Unsupported packages are no longer removed by Installing OES 2 while installing SLES 10 SP1: See 


default. “Specifying the Add-On Product Installation 
Information” on page 47. 


Installing OES 2 services on a server that is already 
running SLES 10 SP1: See “Installing/Configuring 
OES 2 SP2 on an Existing Server” on page 107. 





OES servers are now configured to use eDirectory Certificate management in OES2, see “Certificate 
certificates for all HTTPS services by default in Management’ in the OES 2 SP2: Planning and 
every installation/upgrade scenario except an Implementation Guide. 

upgrade from OES2, wherein the option used 

during the initial server install/upgrade is retained. 
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Functionality 


Updating through the Novell patch channels now 
requires registering the server with the Novell 
Customer Center using either purchased activation 
codes or 60-day evaluation codes. 


For More Information About 


This change is reflected in various instructions 
throughout this and other guides. 


1.3 What’s New in the OES 2 Install 


In the initial release of OES 2, the following features were added to the OES installation: 


Table 1-3 OES 2 Initial Release 


Functionality 


Open Enterprise Server 2 Linux is an add-on 
product that can be installed with SUSE® Linux 
Enterprise Server 10 SP1 or added to a server 
running SLES 10 SP1 with updates. 


DVD media is now also available to perform the 
installation. 


OES 2 can be installed on x86-64 bit hardware. 


Configuring OES services is easier to find and 
perform on multiple services. 


A specific tool for extending the schema is available 
in YaST. 


You can install OES 2 Linux on a Xen-based virtual 
machine host server. 


You can install OES 2 Linux as a Xen-based virtual 
machine host server. 


For More Information About 


Installing OES 2 while installing SLES 10 SP1: See 
“Specifying the Add-On Product Installation 
Information” on page 47. 


Installing OES 2 services on a server that is already 
running SLES 10 SP1: See “Installing/Configuring 
OES 2 SP2 on an Existing Server” on page 107. 


See “Preparing Physical Media for a New Server 
Installation or an Upgrade” on page 42. 


See Table 2-1 on page 17. 


See “Configuring Novell Open Enterprise Server 
Services” on page 70 and “Installing/Configuring 
OES 2 SP2 on an Existing Server” on page 107. 


See “Extending the Schema” on page 26. 


See “Chapter 10, “Installing, Upgrading, or 
Updating OES on a Xen-based VM,” on page 179.” 


See “Chapter 9, “Installing OES as a Xen VM Host 
Server,” on page 177.” 





The method for updating OES matches the method 
for updating SLES 10 SP1. 
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“Updating (Patching) an OES 2 SP2 Server” on 
page 149. 


| Preparing to Install OES 2 SP2 


You should also perform the tasks and understand the information outlined in the following sections: 


* Section 2.1, “Before You Install,” on page 15 

¢ Section 2.2, “32-Bit Vs. 64-Bit,” on page 15 

* Section 2.3, “Meeting All Server Software and Hardware Requirements,” on page 16 
¢ Section 2.4, “eDirectory Rights Needed for Installing OES,” on page 18 

¢ Section 2.5, “Installing OES As a Subcontainer Administrator,” on page 19 

* Section 2.6, “Preparing eDirectory for OES 2 SP2,” on page 22 

¢ Section 2.7, “Deciding What Patterns to Install,” on page 28 

* Section 2.8, “Install Only One Server at a Time,” on page 36 


¢ Section 2.9, “What's Next,” on page 37 


2.1 Before You Install 


Before you install Novell® Open Enterprise Server (OES) 2 SP1 Linux, you should review the 
information in the following sections: 


O “Planning Your OES 2 Implementation” in the OES 2 SP2: Planning and Implementation 
Guide 


O “Before You Install or Upgrade” in the OES 2 SP2: Readme 


2.2 32-Bit Vs. 64-Bit 


OES 2 and SLES 10 are available in both 32-bit (386) and 64-bit (x86_64) architectural versions. 





¢ Section 2.2.1, “64-Bit eDirectory,” on page 15 

¢ Section 2.2.2, “64-Bit NCP Server,” on page 16 

* Section 2.2.3, “Matching Software with Server Hardware,” on page 16 

* Section 2.2.4, “Don’t Mix 32-Bit and 64-Bit OES and SLES,” on page 16 


2.2.1 64-Bit eDirectory 
Selecting Novell eDirectory when using 


+ OES 2 SP2 64-bit media automatically installs 64-bit eDirectory™. 
+ OES 2 SP2 32-bit media installs 32-bit eDirectory. 
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2.2.2 64-Bit NCP Server 


Selecting NCP Server when using 


* OES 2 SP2 64-bit media, automatically installs 64-bit NCP™ server. 
+ OES 2 SP2 32-bit media installs 32-bit NCP server. 


2.2.3 Matching Software with Server Hardware 


Make sure that you understand which software can be installed on which server hardware. 


¢ 64-Bit Server Hardware: Supports either the 32-bit versions of OES and SLES or the 64-bit 
versions of OES and SLES. 


¢ 32-Bit Server Hardware: Supports only the 32-bit versions of OES and SLES. 


2.2.4 Don’t Mix 32-Bit and 64-Bit OES and SLES 


The 32-bit and 64-bit versions of OES and SLES are not compatible with each other. In other words, 
you cannot install 32-bit OES with 64-bit SLES on the same server hardware, and the reverse is also 
true. 


2.3 Meeting All Server Software and Hardware 
Requirements 


Before installing OES 2 SP2, ensure that your system meets the following requirements. 


¢ Section 2.3.1, “Server Software,” on page 16 


¢ Section 2.3.2, “Server Hardware,” on page 17 


2.3.1 Server Software 


As part of the OES 2 SP2 installation, you install SUSE® Linux Enterprise Server 10 SP2. 





IMPORTANT: OES 2 SP2 services were developed and tested on a default SLES 10 SP3 server 
base. 


As you install OES 2 SP2, do not change any of the SLES 10 Base Technologies package selections, 
such as Java support. Doing so can cause various problems, such as the installation failing or one or 
more OES 2 SP2 services not working properly. 


If you are installing on an existing SLES 10 SP3 server, be sure to verify that all of the default SLES 
| 10 SP3 components are installed before attempting to install OES 2 SP2 services. 
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2.3.2 Server Hardware 


Table 2-1 Server Hardware Requirements 


System Component Minimum Requirements 


Recommended Requirements 











Computer Server-class computer with Server-class computer with Pentium III, 
Pentium Il or AMD K7 450 Pentium Ill Xeon , Pentium 4, Intel Xeon 700 
MHz processor MHz, AMD K8 CPUs (Athlon64 and Opteron*), 
Intel EM64T or higher processor. 
NOTE: Some OES services run in 32-bit mode 
only. 
Memory 1 GB of RAM 2 GB of RAM for base system. Additional RAM 


might be required depending on which OES 
components are selected and how they are 
used. 





7 GB of available, 
unpartitioned disk space 


Free Disk Space 


10 GB of available, unpartitioned disk space. 
Additional disk space might be required, 
depending on which OES components are 
selected and how they are used. 





4X CD-ROM or DVD drive if 
installing from physical media 


CD-ROM or DVD Drive 


48X CD-ROM or DVD drive if installing from 
physical media 





Hard Drive 20 GB 





Network Board Ethernet 100 Mbps 





IP address + One IP Address ona 
subnet 
+ Subnet mask 
* Default gateway 
Mouse N/A 


USB or PS/2 





Server computer BIOS Using a CD-ROM or DVD 
installation source, prepare 
the BIOS on your server 
computer so that it boots from 
the CD-ROM or DVD drive 


first. 





Video Card and Monitor 1024 X 768 resolution or 
higher with a minimum color 


depth of 8 bits (256 colors) 





NOTE: Although it is technically possible to run 
the ncurses installation at a lower resolution, 
some informational messages, etc. aren't 
displayed because text strings don't wrap to the 
constraints of the window. 








NOTE: The RAM and disk space amounts shown here are for system components only. The OES 
service components you install might require additional RAM and disk space. 
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Be sure to complete the planning instructions found in the OES 2 SP2: Planning and 
Implementation Guide for each component you install. 





2.4 eDirectory Rights Needed for Installing OES 


The following eDirectory rights are discussed in this section: 


* Section 2.4.1, “Rights to Install the First OES Server in a Tree,” on page 18 

¢ Section 2.4.2, “Rights to Install the First Three Servers in an eDirectory Tree,” on page 18 

* Section 2.4.3, “Rights to Install the First Three Servers in any eDirectory Partition,” on page 18 
+ Section 2.4.4, “Rights to Run Deployment Manager,” on page 18 


2.4.1 Rights to Install the First OES Server in a Tree 


To install an OES server in a tree you must have rights to extend the schema, meaning that you need 
Supervisor rights to the [Root] of the tree. 


You can extend the schema by using the Novell Schema Tool in YaST or by having a user with 
Supervisor rights to the [Root] of the eDirectory tree install the first OES server and the first 
instance of each OES service that will be used into the tree. For more information, see Section 2.6.4, 
“Extending the Schema,” on page 26. 


2.4.2 Rights to Install the First Three Servers in an eDirectory 
Tree 


If you are installing the server into a new tree, the Admin user that is created during the OES 
installation has full rights to the root of the tree. Using the account for user Admin allows the 
installer to extend the eDirectory schema for OES as necessary. To install the first OES server in an 
eDirectory tree, you must have the Supervisor right at the [Root] of the eDirectory tree. 


2.4.3 Rights to Install the First Three Servers in any eDirectory 
Partition 


By default, the first three servers installed in an eDirectory partition automatically receive a replica 
of that partition. To install a server into a partition that does not already contain three replica servers, 
the user must have either the Supervisor right at the [Root] of the tree or the Supervisor right to the 
container in which the server holding the partition resides. 


2.4.4 Rights to Run Deployment Manager 


If you are installing the first OES server into an existing NetWare eDirectory tree, you can run 
Deployment Manager first to prepare the tree so it is compatible with the new version of eDirectory 
that comes with OES 2 SPI and later. This requires access to a server with a Read/Write replica of 
the Root partition. 
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2.5 Installing OES As a Subcontainer 
Administrator 





IMPORTANT: The information explained in Section 2.4, “eDirectory Rights Needed for Installing 
OES,” on page 18 is prerequisite to the information contained in this section. 





This section outlines the eDirectory rights required and explains how a subcontainer administrator 
approaches various installation tasks. 

¢ Section 2.5.1, “Rights Required for Subcontainer Administrators,” on page 19 

* Section 2.5.2, “Starting a New Installation As a Subcontainer Administrator,” on page 21 


¢ Section 2.5.3, “Adding/Configuring OES Services As a Different Administrator,” on page 21 


2.5.1 Rights Required for Subcontainer Administrators 


For security reasons, you might want to create one or more subcontainer administrators 
(administrators that are in a container that is subordinate to the container that user Admin is in) with 
sufficient rights to install additional OES servers, without granting them full rights to the entire tree. 


A subcontainer administrator needs the rights listed in Table 2-2 to install an OES server into the 
tree. 


These rights are typically granted by placing all administrative users in a Group or Role in 
eDirectory, and then assigning the rights to the Group or Role. Sample steps for assigning the rights 
to a single subcontainer administrator are provided as a general guide. 


Table 2-2 Subcontainer Administrator Rights Needed to Install 


Rights Needed Sample Steps to Follow 
Supervisor right to itself 1. In iManager > View Objects > the Browse tab, browse to and select 
the sub container administrator. 
2. Click the administrator object, then select Modify Trustees. 
3. Click the Assigned Rights link for the administrator object. 
4. For the [All Attributes Rights] property, select Supervisor, then click 


Done > OK. 
Supervisor right to the 1. Browse to the container where the subcontainer administrator will 
container where the server install the server. 


will be installed 2. Click the container object and select Modify Trustees. 


3. Click Add Trustee, browse to and select the subcontainer 
administrator, then click OK. 


4. Click the Assigned Rights link for the administrator object. 


5. For the [All Attributes Rights] and [Entry rights] properties, select 
Supervisor, then click Done > OK > OK. 
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Rights Needed Sample Steps to Follow 


Supervisor right to the WO 1. Browse to Security > KAP. 


object located inside the . i 
2. In KAP click WO and select Modify Trustees. 
KAP object in the Security Lei bilia 
container 3. Click Add Trustee, browse to and select the subcontainer 


administrator, then click OK. 
4. Click the Assigned Rights link for the administrator object. 


5. For the [All Attributes Rights] and [Entry rights] properties, select 
Supervisor, then click Done > OK > OK. 


Supervisor right to the If the subcontainer administrator will install the NMAS login methods, do 
Security container when the following: 

installing the NMVAS™ login 

methods 1. Browse to and select Security 


2. Select Modify Trustees. 


3. Click Add Trustee, browse to and select the subcontainer 
administrator, then click OK. 


4. Click the Assigned Rights link for the administrator object. 
5. For the [All Attributes Rights] and [Entry rights] properties, select 
Supervisor, then click Done > OK > OK. 
Create right to its own 1. Browse to and select the container where you created the 
container (context) subcontainer administrator. 
2. Select Modify Trustees. 


3. Click Add Trustee, browse to and select the subcontainer 
administrator, then click OK. 


4. Click the Assigned Rights link for the administrator object. 
5. For the [Entry Rights] property, select Create, then click Done > OK > 


OK. 
Create right to the container 1. Browse to and select the container where the UNIX Config object is 
where the UNIX Config located. By default this is the Organization object. 
object is located. 2. Select Modify Trustees. 


3. Click Add Trustee, browse to and select the subcontainer 
administrator, then click OK. 


4. Click the Assigned Rights link for the administrator object. 
5. For the (Entry Rights] property, select Create, then click Done > OK > 
OK. 


Read right to the Security This is not needed if the Supervisor right was assigned because of NMAS. 


container object for the ; an i, . 
eDirectory tree If the subcontainer administrator won't install the NMAS login methods, do 


the following: 
1. Browse to and select Security 
2. Select Modify Trustees. 


3. Click Add Trustee, browse to and select the subcontainer 
administrator, then click OK. 


4. Click the Assigned Rights link for the administrator object. 


5. For the [All Attributes Rights] property, select Read, then click Done > 
OK > OK. 
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Rights Needed Sample Steps to Follow 


Read right to the 1. Browse to Security and select the Organizational CA object. 
NDSPKI:Private Key 2. Select Modify Trustees. 

attribute on the 

Organizational CA object 3. Click Add Trustee, browse to and select the subcontainer 
(located in the Security administrator, then click OK. 

container) 4. Click the Assigned Rights link for the administrator object. 


5. Click the Add Property button. 
6. Select NDSPKI:Private Key and click OK. 

The Read right should be automatically assigned. 
7. Click Done > OK > OK. 


Read and Write rights tothe 1. Browse to and select the UNIX Config object. 
UNIX Config object. 2. Select Modify Trustees. 


3. Click Add Trustee, browse to and select the subcontainer 
administrator, then click OK. 


4. Click the Assigned Rights link for the administrator object. 


5. For the /All Attributes Rights] property, select Write (Read is already 
selected), then click Done > OK > OK. 


When installing DNS/DHCP into an existing tree with DNS/DHCP, see the following additional 
guidelines: 


* For DNS, see “eDirectory Permissions ” in the OES 2 SP2: Novell DNS/DHCP Administration 
Guide for Linux. 


* For DHCP, see “eDirectory Permissions ” in the OES 2 SP2: Novell DNS/DHCP 
Administration Guide for Linux. 


2.5.2 Starting a New Installation As a Subcontainer 
Administrator 


You can install a new OES server into an existing tree as a subcontainer administrator if you have: 


¢ The rights described in “Rights Required for Subcontainer Administrators” on page 19 


+ (f applicable) The rights described for the server installations described in “eDirectory Rights 
Needed for Installing OES” on page 18. 


When you reach the eDirectory Configuration - Existing Tree page, enter your fully-distinguished 
name (FDN) and password. After verifying your credentials, the installation will proceed normally. 


2.5.3 Adding/Configuring OES Services As a Different 
Administrator 


You can add or configure OES services on an OES server that another administrator installed if you 
have the rights described in “Rights Required for Subcontainer Administrators” on page 19. 
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Do the following: 


1 


On the OES server, launch YaST. Then click Open Enterprise Server > OES Install and 
Configuration. 


On the Software Selection page, select the additional OES services you want to install, then 
click Accept. 


The required packages are installed. 


When the Novell Open Enterprise Server Configuration summary screen appears, click the 
disabled link under LDAP Configuration for Open Enterprise Services. 


The link changes to enabled. 


4 Click LDAP Configuration for Open Enterprise Services. 


Change the Admin Name and Context. 





IMPORTANT: Make sure all field delimiters are consistent. For example, if you are adding to 
the context already displayed, either use comma-delimited syntax or change all other delimiters 
to periods. 





Type the subcontainer admin password in the Admin Password field, then click Next. 


Continue with the service installation, modifying service configuration parameters as needed. 
For example, skip to Step 7 on page 109 and continue from there. 


2.6 Preparing eDirectory for OES 2 SP2 


+ 


+ 


+ 


Section 2.6.1, “If Your Directory Tree Is Earlier than eDirectory 8.6,” on page 22 
Section 2.6.2, “If Your LDAP Server Is Running NetWare 6.5 SP2 or earlier,” on page 23 


Section 2.6.3, “If Your Tree Has Ever Contained an OES 1 Linux Server with LUM and NSS 
Installed,” on page 23 


Section 2.6.4, “Extending the Schema,” on page 26 


2.6.1 If Your Directory Tree Is Earlier than eDirectory 8.6 


If you are installing an OES 2 server into an eDirectory tree that is earlier than eDirectory 8.6, do the 
following before installing your first OES server in an existing NetWare tree: 


1 


2 


Extend the schema using Deployment Manager. See “Schema Update” in the NW65 SP8: 


Installation Guide. 


Ensure that the schema is synchronized throughout the tree from [ROOT] by doing the 
following: 


2a Verify that schema is synchronizing out from [ROOT] by entering the following 
commands at the System Console prompt of the NetWare server with the Master of 
[ROOT]: 


set DSTRACE=on 

set DSTRACE=nodebug 
set DSTRACE=+Schema 
set DSTRACE=*SSD 
set DSTRACE=*SSA 
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2b Toggle to the Directory Services screen and look for the message: All Processed = 
YES 





2c On each server that holds a Master of a partition, enter the following commands at the 
System Console prompt: 


set DSTRACE=off 
set DSTRACE=nodebug 
set DSTRACE=+Schema 
set DSTRACE=*SS 





2d Toggle to the Directory Services screen and look for the message: All Processed = 
YES 





2.6.2 If Your LDAP Server Is Running NetWare 6.5 SP2 or 
earlier 
If you are installing into an eDirectory tree that is using a NetWare server to supply LDAP, upgrade 


the LDAP server that the OES installation will communicate with to the NetWare 6.5 SP3 or later 
software. A server running NetWare 6.5 SP2 or earlier will probably abend. 


2.6.3 If Your Tree Has Ever Contained an OES 1 Linux Server 
with LUM and NSS Installed 


Having NSS volumes on OES servers requires certain system-level modifications, most of which are 
automatic. For more information, see “System User and Group Management in OES 2 SP2” in the 
OES 2 SP2: Planning and Implementation Guide 

* “NetStorage, X-Tier, and Their System Users” on page 23 

* “An NSS Complication” on page 23 

* “eDirectory Solves the Basic Problem” on page 24 

+ “ID Mismatches on OES 1” on page 24 

+ “The OES 1 Solution—the nssid.sh Script” on page 24 

+ “OES 2 SP1 and SP2 Require a New Approach” on page 24 

* “The OES 2 Solution—Standardizing the UIDs on all OES servers” on page 24 


NetStorage, X-Tier, and Their System Users 


By default, certain OES services, such as NetStorage, rely on a background Novell service named 
X-Tier. 


To run on an OES server, X-Tier requires two system-created users (named novlxsrvd and 
novlxregd) and one system-created group that the users belong to (named novlxtier). 


An NSS Complication 


These users and their group are created on the local system when X-Tier is installed. For example, 
they are created when you install NetStorage, and their respective UIDs and GID are used to 
establish ownership of the service’s directories and files. 
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For NetStorage to run, these X-Tier users and group must be able to read data on all volume types 
that exist on the OES server. 


As long as the server only has Linux traditional file systems, such as Ext3 and Reiser, NetStorage 
runs fine. 


However, if the server has NSS volumes, an additional requirement is introduced. NSS data can only 
be accessed by eDirectory™ users. Consequently, the local X-Tier users can’t access NSS data, and 
NetStorage can’t run properly. 


eDirectory Solves the Basic Problem 


Therefore, when NSS volumes are created on the server, the X-Tier users are moved to eDirectory 
and enabled for Linux User Management (LUM). (See “Linux User Management: Access to Linux 
for eDirectory Users” in the OES 2 SP2: Planning and Implementation Guide.). 


After the move to eDirectory, they can function as both eDirectory and POSIX users, and they no 
longer exist on the local system. 


ID Mismatches on OES 1 


Problems with OES 1 occurred when additional OES NetStorage servers with NSS volumes were 
installed in the same eDirectory container. Because the UIDs and GID were assigned by the system, 
unless the installation process was exactly the same for each OES 1 server, the UIDs and GID didn’t 
match server-to-server. 


When the local X-Tier UIDs and GID on subsequently installed servers didn’t match the X-Tier 
UIDs and GID in eDirectory, NetStorage couldn’t access the NSS volumes on the server. 


The OES 1 Solution—the nssid.sh Script 


To solve this problem, the OES 1 installation program looked for X-Tier ID conflicts, and if the IDs 
on a newly installed server didn’t match the IDs in eDirectory, the program generated a script file 
named nssid.sh. The documentation instructed installers to always check for an nssid. sh file on 
a newly installed server, and if the file was found, to run it. The nssid. sh script synchronized all of 
the X-Tier IDs with those in eDirectory. 


This solution remained viable through the first release of OES 2. 


OES 2 SP1 and SP2 Require a New Approach 


Unfortunately, system-level changes in SUSE Linux Enterprise Server 10 SP2 and later invalidate 
the nssid. sh script solution. Synchronizing the X-Tier IDs with an OES 1 installation can now 
cause instability in other non-OES components. Therefore, starting with OES 2 SP1, you should 
standardize all X-Tier IDs on existing servers before installing a new server with X-Tier-dependent 
services. 


The OES 2 Solution—Standardizing the UIDs on all OES servers 


If your eDirectory tree has ever contained an OES 1 Linux server with NSS and LUM installed, do 
the following on each server (including OES 2) that has NSS and LUM installed: 


1 Log in as root and open a terminal prompt. Then type the following commands: 


id novlxregd 
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id novlxsrvd 


The standardized X-Tier IDs are UID 81 for novixregd, UID 82 for novlxsrvd, and GID 81 


for novlxtier. 


2 Ifyou see the following ID information, the X-Tier IDs are standardized and you can move to 
the next server: 


uid=81 (novlxregd) gid=81(novlxtier) groups=81 (novlxtier) 
uid=82 (novlxsrvd) gid=81(novlxtier) groups=81 (novlxtier) , 8 (www) 


If you see different IDs than those listed above, such as 101, 102, 103, etc., record the numbers 
for both X-Tier users and the novlxtier group. You need these to standardize the IDs on the 
server. 


Continue with Step 3. 
3 Download the following script file: 
* fix_xtier_ids.sh (http://www.novell.com/documentation/oes2/scripts/fix_xtier_ids.sh) 
4 Customize the template file by replacing the angle bracketed variables (<>) as follows: 
* <server_name>: The name of the server object in eDirectory. 
Replace this variable with the server name. 


For example, if the server name is myserver, replace <server_name> with myserver so that 
the line in the settings section of the script reads 


server=myserver 
* <context>: This is the context of the X-Tier user and group objects. 


Replace this variable with the fully distinguished name of the context where the objects 
reside. 


For example, if the objects are an Organizational Unit object named servers, replace 
ou=servers,o=company. 

* <admin fdn>: The full context of an eDirectory admin user, such as the Tree Admin, who 
has rights to modify the X-Tier user and group objects. 


Replace this variable with the admin name and context, specified using comma-delimited 
syntax. 


For example, if the tree admin is in an Organization container named company, the full 
context is cn=admin,o=company and the line in settings section of the script reads 


admin fdn="cn=admin, o=company” 


+ <novlxregd uid>: This is the UID that the system assigned to the local novlxregd user. 
It might or might not be the same on each server, depending on whether the nssid.sh 
script ran successfully. 


Replace this variable with the UID reported for the novlxregd user on this server as listed 
when you ran the commands in Step 1 on page 24. 


In the example script, the original UID is 101. It gets changed to 81 in the third line of the 
script. The sixth line changes the UID on all of the files and directories on the server that 
are owned by the novlxregd user from 101 to 81. 


* <novixsrvd_uid>: This is the UID that the system assigned to the local novlxsrvd user. 
It might or might not be the same on each server, depending on whether the nssid. sh 
script ran successfully. 
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Replace this variable with the UID reported for the novlxsrvd user on this server as listed 
when you ran the commands in Step | on page 24. 


In the example script, the original UID is 103. It gets changed to 82 in the fourth line of 
the script. The seventh line changes the UID on all of the files and directories on the server 
that are owned by the novlxsrvd user from 103 to 82. 


+ <novixtier_gid>: This is the GID that the system assigned to the local novlxtier group. 
It might or might not be the same on each server, depending on whether the nssid.sh 
script ran successfully. 


Replace this variable with the GID reported for the novlxtier group on this server as listed 
when you ran the commands in Step | on page 24. 


In the example script, the original GID is 101. It gets changed to 81 in the second line of 
the script. The six and sevenths lines change the GID from 101 to 81 for all of the files and 
directories on the server that are owned by the novlxtier group. 


5 Make the script executable and then run it on the server. 





IMPORTANT: Changes to the X-Tier files are not reported on the terminal. 


Error messages are reported, but you can safely ignore them. The script scans the entire file 
system, and some files are locked because the system is running. 





6 Repeat from Step 1 for each of the other servers in the same context. 


2.6.4 Extending the Schema 


An eDirectory tree must have its schema extended to accommodate OES 2 servers and services as 
explained in the following sections. 


+ “Who Can Extend the Schema?” on page 26 

+ “Which OES 2 SP2 Services Require a Schema Extension?” on page 26 
* “Extending the Schema While Installing OES 2” on page 27 

+ “Using the YaST Plug-in to Extend the Schema” on page 27 

* “Extending the Schema for Novell Cluster Services (NCS)” on page 28 


Who Can Extend the Schema? 


Only an administrator with the Supervisor right at the [Root] of an eDirectory tree can extend the 
tree’s schema. 


Which OES 2 SP2 Services Require a Schema Extension? 
The following service schema extensions are included with OES 2 SP2. 


A single asterisk (*) indicates a service that is either required for OES 2 servers or for the default 
services that are installed on every OES 2 server. They are implemented when the first OES 2 SP1 or 
later server is installed in the tree. 


Unmarked extensions are implemented the first time their respective services are installed, unless 
the schema was previously extended using another method, such as the YaST plug-in (see “Using 
the YaST Plug-in to Extend the Schema” on page 27). 


* CIFS 
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* Directory Services* 

* iFolder 

+ iPrint 

* DHCP 

* DNS 

* Domain Services for Windows 
* Linux User Management* 

* NCP 

+ NCS** 


Novell Cluster Services requires extending the schema manually. Follow the instructions in 
“Extending the eDirectory Schema to Add Cluster Objects” in the OES 2 SP2: Novell Cluster 
Services 1.8.7 for Linux Administration Guide. 


* NetStorage 
+ NMAS* 
* Novell Storage Services 


* Storage Management Services* 


Extending the Schema While Installing OES 2 


The simplest way to extend the schema for OES 2 servers is to have a tree admin install the first 
OES 2 server and the first instance of each OES 2 service that you plan to run on your network. 


After this initial installation, you can assign subcontainer admins with the required rights to install 
additional servers and services. For more information on the required rights for the various OES 
services, see “Rights Required for Subcontainer Administrators” on page 19. 


Using the YaST Plug-in to Extend the Schema 


If you want a subcontainer admin to install the first OES 2 server or the first instance of an OES 2 
service in an existing tree, and you don’t want to grant that admin the Supervisor right to the [Root] 
of the tree, you can extend the schema using YaST from either 

+ An OES 2 SP2 server running in another tree 


+ An OES 2 SP2 server that was installed without any OES 2 services added (the YaST plug-in is 
a default OES 2 component) 


or 


+ A SLES 10 SP3 server with the yast2-novell-schematool.rpm installed. The RPM is available 
on the OES 2 SP2 installation media and can be launched at a terminal prompt following 
installation by entering yast2 novell-schematool. 


To run the Novell Schema Tool, do the following: 


1 On the server’s desktop, click Computer and open the YaST Control Center. 
2 Click Open Enterprise Server > Novell Schema Tool. 


3 Depending on the installation method you used, you might be required to insert your OES 2 
installation media. 
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4 On the Novell eDirectory Extension Utility page, enter the information for an eDirectory server 
with a Read/Write replica of the Root partition. 


Be sure to enter the correct information to authenticate as an admin user with the Supervisor 
right at the [Root] of the target tree. Otherwise, the schema extension will fail. 


5 Ifyou are preparing the tree so that a subcontainer admin can install the first OES 2 SP1 or later 
server, select the services marked with an asterisk (*) in “Which OES 2 SP2 Services Require a 
Schema Extension?” on page 26. 


Although this step is not required if the tree already has an OES 2 SPI or later server installed, 
selecting the marked services won’t cause any problems. 


6 Select all of the other services you plan to run on any of the OES 2 servers in the tree. 
7 Click Next. 


The schema is extended. 


Extending the Schema for Novell Cluster Services (NCS) 


If you want a subcontainer administrator to install the first instance of NCS in a tree, you can extend 
the schema by following the instructions in “Extending the eDirectory Schema to Add Cluster 
Objects” in the OES 2 SP2: Novell Cluster Services 1.8.7 for Linux Administration Guide. 


2.7 Deciding What Patterns to Install 


A default SLES 10 SP3 installation has the following base technology, Graphical Environment, and 
Primary Function patterns selected for installation by default. With the exception explained in the 
two Important notes below, you can accept or deselect these patterns and install additional patterns 
as desired. 


Table 2-3 Standard SLES 10 SP3Installation Patterns 


Pattern Description 


Server Base System Consists of all packages that are common to all Novell SUSE Linux 
Enterprise products. Also provides a Linux Standard Base 3.0 
compliant runtime environment. 


This pattern is selected for installation by default. 





IMPORTANT: You must either install this pattern or the Common 
Code Base pattern. 








Common Code Base The largest system. It includes all packages available with SUSE 
Linux, except those that would result in dependency conflicts. 





IMPORTANT: You must either install this pattern or the Server Base 
System pattern. 
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Pattern 


Novell AppArmor 


Description 


Novell AppArmor™ is an open source Linux application security 
framework that provides mandatory access control for programs, 
protecting against the exploitation of software flaws and compromised 
systems. AppArmor includes everything you need to provide effective 
containment for programs (including those that run as root) to thwart 
attempted exploits and even zero-day attacks. AppArmor offers an 
advanced tool set that largely automates the development of per- 
program application security so that no new expertise is required. 


This pattern is selected for installation by default. 





GNOME Desktop Environment 


The GNOME* desktop environment is an intuitive and attractive 
desktop for users. The GNOME development platform is an extensive 
framework for building applications that integrate into the rest of the 
desktop. 


This pattern is selected for installation by default. 





X Window System 


In continuous use for over 20 years, the X Window System* provides 
the only standard platform-independent networked graphical window 
system bridging the heterogeneous platforms in today's enterprise: 
from network servers to desktops, thin clients, laptops, and 
handhelds, independent of operating system and hardware. 


This pattern is selected for installation by default. 





Print Server 


Sets up a print server to host print queues so that they can be 
accessed by other computers on the same network, including 
machines running Microsoft* Windows* operating systems. The print 
server may accept print jobs from client computers and direct them to 
locally attached printers or to network printers. Ipd, cups, and smb 
print servers and queues are supported. 


This pattern is selected for installation by default. 


The OES add-on installation includes the following OES Services patterns. 


Table 2-4 OES Services Pattern Descriptions 


Pattern Description 


Novell AFP Novell AFP server allows Mac clients to access data stored on NSS volumes 
in the same way they access data on a Mac OSX server. 


This service selects and installs these services: 


+ 


+ 


+ 


Novell Backup / Storage Management Services (SMS) 
Novell eDirectory 

Novell Storage Services (NSS) 

Novell Linux User Management (LUM) 

Novell Remote Manager (NRM) 
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Pattern 


Novell Archive and 
Version Services 


Description 


Novell Archive and Version Services systematically captures and stores 
versions of your network files in an archive database, on a schedule that you 
determine. Users can search for a previous version of a file and quickly 
restore it. 


This service selects and installs these services: 


* Novell Backup/Storage Management Services (SMS) 
* Novell eDirectory™ 

* Novell Linux User Management (LUM) 

* Novell Remote Manager (NRM) 

Novell Storage Services™ (NSS) 


+ 





Novell Backup/Storage 
Management Services 
(SMS) 


Novell CIFS 
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The Novell backup infrastructure (called Storage Management Services™ or 
SMS) provides backup applications with the framework to develop a complete 
backup and restore solution. 


SMS helps back up file systems (such as NSS) or application data (such as 
data from GroupWise®) on NetWare® and SUSE Linux Enterprise Server 
(SLES) to removable tape media or other media for off-site storage. It provides 
a single consistent interface for all file systems and applications across 
NetWare and SLES. 


This service selects and installs these services: 


+ Novell Linux User Management (LUM) 

* Novell Remote Manager (NRM) 
CIFS (Common Internet File System) is a network sharing protocol. Novell 
CIFS enables Windows, Linux, and UNIX client workstations to copy, delete, 


move, save, and open files on an OES 2 server. CIFS allows read and write 
access from multiple client systems simultaneously. 


This service selects and installs these services: 


+ Novell Backup / Storage Management Services (SMS) 
* Novell eDirectory 

* Novell Storage Services (NSS) 

* Novell Linux User Management (LUM) 


* Novell Remote Manager (NRM) 


Pattern 


Novell Cluster Services 
(NCS) 


Description 


Novell Cluster Services™ is a server clustering system that ensures high 
availability and manageability of critical network resources including data, 
applications, and services. It is a multinode clustering product for Linux that is 
enabled for Novell eDirectory and supports failover, failback, and migration 
(load balancing) of individually managed cluster resources. 


Novell Cluster Services lets you add Linux nodes to an existing NetWare 6.5 
cluster without bringing down the cluster, or it lets you create an all-Linux 
cluster. With a mixed cluster, you can migrate services between OS kernels, 
and if services are alike on both platforms (such as NSS), you can set the 
services to fail over across platforms. 


Using Novell Cluster Services with iSCSI technologies included in OES, you 
can build inexpensive clustered SANs on commodity gigabit Ethernet 
hardware. You can leverage existing hardware into a high availability solution 
supporting Linux and NetWare clusters. 


This service selects and installs these services: 


* Novell Backup/Storage Management Services (SMS) 
+ Novell Linux User Management (LUM) 


* Novell Remote Manager (NRM) 





Novell DHCP 


Novell DHCP (Dynamic Host Configuration Protocol) uses eDirectory to 
provide configuration parameters to client computers and integrate them into a 
network. 


The eDirectory integration lets you have centralized administration and 
management of DHCP servers across the enterprise and lets you set up 
DHCP subnet replication via Novell eDirectory. 


This service selects and installs these services: 
* Novell Backup/Storage Management Services (SMS) 
* Novell eDirectory 


* Novell Linux User Management (LUM) 
* Novell Remote Manager (NRM) 





Novell DNS 


Novell DNS uses Novell eDirectory to deliver information associated with 
domain names, in particular the IP address. 


This eDirectory integration lets you have centralized administration and 
management of DNS servers across the enterprise and lets you set up a DNS 
zone via Novell eDirectory. 


This service selects and installs these services: 


* Novell Backup/Storage Management Services (SMS) 


* Novell eDirectory 


+ 


Novell Linux User Management (LUM) 
+ Novell Remote Manager (NRM) 
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Pattern 


Novell Domain Services 
for Windows 


Description 


Novell Domain Services for Windows provides seamless cross-authentication 
capabilities between Windows/Active Directory and Novell OES 2 servers. It is 
a suite of integrated technologies that removes the need for the Novell Client 
when logging on and accessing data from Windows workstations in eDirectory 
trees. This technology simplifies the management of users and workstations in 
mixed Novell-Microsoft environments. 


This service selects and installs these services: 


* Novell Backup / Storage Management Services (SMS) 
* Novell eDirectory 

* Novell DNS 

* Novell iManager 

* Novell iPrint 

+ Novell Linux User Management (LUM) 

* Novell Remote Manager (NRM) 

* Novell Storage Services (NSS) 

* Novell NCP Server 





Novell eDirectory 


Novell eDirectory services are the foundation for the world's largest identity 
management, high-end directory service that allows businesses to manage 
identities and security access for employees, customers, and partners. More 
than just an LDAP data store, eDirectory is the identity foundation for 
managing the relationships that link your users and their access rights with 
corporate resources, devices, and security policies. 


This service selects and installs these services: 


* Novell Backup/Storage Management Services (SMS) 
* Novell Linux User Management (LUM) 
* Novell Remote Manager (NRM) 





Novell FTP 


Novell FTP (File Transfer Protocol) is integrated with Novell eDirectory so that 
users can securely transfer files to and from OES volumes. 


This service selects and installs these services: 


* Novell Backup/Storage Management Services (SMS) 


+ 


Novell eDirectory 


+ 


Novell Linux User Management (LUM) 
+ Novell Remote Manager (NRM) 





Novell iFolder 
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Novell iFolder 3.8 is a simple and secure storage solution that can increase 
user productivity by enabling users to back up, access, and manage their 
personal files from anywhere, at any time. 


This service selects and installs these services: 


+ Novell Backup/Storage Management Services (SMS) 


+ 


Novell eDirectory 


+ 


Novell Linux User Management (LUM) 
+ Novell Remote Manager (NRM) 


Pattern 


Novell iManager 


Description 


Novell iManager is a Web-based administration console that provides secure, 
customized access to network administration utilities and content from virtually 
anywhere you have access to the Internet and a Web browser. 


iManager provides the following benefits: 


* Single point of administration for Novell eDirectory objects, schema, 
partitions, and replicas 

* Single point of administration for many other network resources 

* Management of many Novell products by using iManager plug-ins 


+ Role-Based Services (RBS) for delegated administration 
This service selects and installs these services: 


* Novell Backup/Storage Management Services (SMS) 
* Novell Linux User Management (LUM) 
* Novell Remote Manager (NRM) 





Novell iPrint 


Novell iPrint lets employees, partners, and customers access printers from a 
variety of locations across the network and the Internet. From a Web browser, 
users can easily install any printer on the network from any location. 


This service selects and installs these services: 


* Novell Backup/Storage Management Services (SMS) 
* Novell eDirectory 

* Novell iManager 

* Novell Linux User Management (LUM) 

* Novell Remote Manager (NRM) 





Novell Linux User 
Management (LUM) 


Linux User Management (LUM) enables eDirectory users to function as local 
POSIX* users on Linux servers. This functionality lets administrators use 
eDirectory to centrally manage remote users for access to one or more OES 
servers. 


This service selects and installs these services: 


* Novell Backup/Storage Management Services (SMS) 


* Novell Remote Manager (NRM) 
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Pattern 


Novell NCP Server / 
Dynamic Storage 
Technology 


Description 


Novell NCP™ Server for Linux enables support for login scripts, mapping 
drives to OES servers, and other services commonly associated with Novell 
Client access. This means that Windows users with the Novell Client installed 
can be seamlessly transitioned to file services on OES. 


NCP Server includes Novell Dynamic Storage Technology, which allows rarely 
accessed files on NCP volumes to be automatically moved, according to 
policies set by the administrator, from faster-access storage to lower-cost 
storage media where the files can be more easily managed and backed up. 


Services included with NCP (NetWare Core Protocol) are file access, file 
locking, security, tracking of resource allocation, event notification, 
synchronization with other servers, connection and communication, print 
services and queue management, and network management. 


This service selects and installs these services: 


* Novell Backup/Storage Management Services (SMS) 
* Novell eDirectory 

* Novell Linux User Management (LUM) 

* Novell Remote Manager (NRM) 





Novell NetStorage 
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Novell NetStorage provides the solution for simple, Internet-based access to 
file storage. NetStorage is a bridge between a company's protected Novell 
storage network and the Internet. It lets users access files securely from any 
Internet location, with nothing to download or install on the user's workstation. 


With Novell NetStorage, a user can securely access files from any Internet- 
enabled machine. Users can copy, move, rename, delete, read, write, recover, 
and set trustee assignments (based on their privilege level) on files between a 
local workstation and a Novell storage network. Access is available from any 
Internet-attached workstation, anywhere in the world. There is no need to e- 
mail or copy data from one machine to another. 


This service selects and installs these services: 


+ 


Novell Backup/Storage Management Services (SMS) 
+ Novell iManager 
+ Novell Linux User Management (LUM) 


+ Novell Remote Manager (NRM) 


Pattern 


Novell Pre-Migration 
Server 


Description 


A Novell Pre-Migration Server is not actually a service. Rather, it is a special- 
purpose server—the target of a Server ID Transfer Migration. 


Selecting this option causes this server to be installed without an eDirectory 
replica, thus preparing it to assume the identity of another server that you plan 
to decommission. For more information, see the OES 2 SP2: Migration Tool 
Administration Guide. 


You should also select and install all the services that you plan to migrate from 
the other server. Services that are not installed on this server prior to the 
migration cannot be migrated. 


This service selects and installs these services: 


* Novell Backup / Storage Management Services (SMS) 
* Novell eDirectory (without a replica) 

* Novell Linux User Management (LUM) 

* Novell Remote Manager (NRM) 





Novell QuickFinder 


QuickFinder™ lets your users find the information they're looking for on any of 
your public and private Web sites, your partners' sites, and any number of 
additional Web sites across the Internet or internal file servers, all from a 
single search form on your Web page. 


You can easily modify the look and feel of any of the sample search results 
pages to match your corporate design. 


You can create full-text indexes of HTML, XML, PDF, Word, OpenOffice.org, 
and many other document formats in almost any language with the 
QuickFinder Unicode* indexing engine. 


You can configure and maintain your indexes remotely from anywhere on the 
network with the QuickFinder Web-based administration module. 


This service selects and installs these services: 


* Novell Backup/Storage Management Services (SMS) 
* Novell Linux User Management (LUM) 


* Novell Remote Manager (NRM) 





Novell Remote Manager 
(NRM) 


Novell Remote Manager lets you securely access and manage one or more 
servers from any location through a standard Web browser. You can use 
Novell Remote Manager to monitor your server's health, change the 
configuration of your server, or perform diagnostic and debugging tasks. 


This service selects and installs these services: 


* Novell Backup/Storage Management Services (SMS) 


+ Novell Linux User Management (LUM) 
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Pattern 


Novell Samba 


Description 


Novell Samba provides Windows (CIFS and HTTP-WebDAV) access to files 
stored on an OES server's file system using an eDirectory username and 
password. 


This service selects and installs these services: 


* Novell Backup/Storage Management Services (SMS) 
* Novell Linux User Management (LUM) 


* Novell Remote Manager (NRM) 





Novell Storage Services 
(NSS) 


The Novell Storage Services (NSS) file system provides many unique and 
powertul file system capabilities. It is especially suited for managing file 
services for thousands of users in an organization. It also includes Novell 
Distributed File Services for NSS volumes. 


Unique features include visibility, trustee access control model, multiple 
simultaneous namespace support, native Unicode, user and directory quotas, 
rich file attributes, multiple data stream support, event file lists, and a file 
salvage subsystem. 


NSS volumes are cross-compatible between kernels. You can mount a non- 
encrypted NSS data volume on either the Linux or NetWare kernel and move it 
between them. In a clustered SAN, volumes can fail over between kernels, 
allowing for full data and file system feature preservation when migrating data 
to Linux. 





IMPORTANT: If you select this service, you might need to reconsider the disk 
partition setup you have chosen. For information, see Appendix A, “Installing 
with EVMS as the Volume Manager of the System Device,” on page 213. 





This service selects and installs these services: 


* Novell Backup/Storage Management Services (SMS) 
* Novell eDirectory 

* Novell NCP Server 

* Novell Linux User Management (LUM) 

* Novell Remote Manager (NRM) 


If you want to install these services, you can select them to install with most other patterns during 
the initial server installation by customizing the installation or you can install them after installing 
your initial Open Enterprise Server. For more information, see “Customizing the Software 
Selections” on page 52 and “Installing/Configuring OES 2 SP2 on an Existing Server” on page 107. 


2.8 Install Only One Server at a Time 


You should install one server at a time into a tree, then wait for the installation program to complete 
before installing an additional server into the same tree. 
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2.9 What's Next 


Proceed to one of the following sections based on the task that you want to perform: 


+ “Installing OES 2 SP2” on page 39 

+ “Upgrading to OES 2 SP2” on page 113 

* “Updating (Patching) an OES 2 SP2 Server” on page 149 

+ “Using AutoYaST to Install and Configure Multiple OES Servers” on page 169 

+ “Installing, Upgrading, or Updating OES on a Xen-based VM” on page 179 

+ “Installing and Managing NetWare on a Xen-based VM” on page 193 

+ “Installing with EVMS as the Volume Manager of the System Device” on page 213 
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Installing OES 2 SP2 


Novell® Open Enterprise Server (OES) 2 SP2 Linux is an add-on product to SUSE® Linux 
Enterprise Server (SLES) 10 SP3. When you install and configure OES, you can also install and 
configure SLES 10 SP3. Therefore, it is helpful to understand how to perform a SLES 10 SP3 
installation. 


For detailed information on performing a SLES installation, see the SLES 10 SP3 Installation and 
Administration Guide (http://www.novell.com/documentation/sles 10/book_sle_reference/data/ 
book_sle_reference.html). 


This section includes brief steps for performing a full installation of OES and provides information 
on the following topics: 


* “Obtaining OES 2 Software” on page 39 
¢ “Setting Up an Installation Source” on page 39 
+ “Installing OES 2 SP2 As a New Installation” on page 43 


3.1 Obtaining OES 2 Software 


For information on obtaining OES software, see “Getting and Preparing OES 2 Software” in the 
OES 2 SP2: Planning and Implementation Guide. 


3.2 Setting Up an Installation Source 


This section covers how to get the media you need for an installation and how to set up installation 
sources for installing OES: 


¢ Section 3.2.1, “Preparing a Network Installation Source,” on page 39 


¢ Section 3.2.2, “Preparing Physical Media for a New Server Installation or an Upgrade,” on 
page 42 


3.2.1 Preparing a Network Installation Source 


This section contains the following information: 
* “Requirements” on page 39 
* “Procedure” on page 40 

Requirements 

To set up a network installation source, you need the following: 
O A server to act as the YaST Network Installation server: 


This server can be SLES 9, SLES 10, SUSE Linux 9.3 or later, OES 1 or OES 2, Windows, or 
NetWare 6.5. 


O A computer to become the new OES server 
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Both servers need to be connected to the network and able to communicate with each other. 


If you have DHCP on your network, using DHCP works well to begin the initial network 
installation. During the installation, you are prompted to configure your OES server with a static IP 
address. The static IP address is required for the configuring OES network services on your server. 


If you don't have DHCP on your network, you need to do a manual installation and configure your 
OES server with a static IP address, subnet mask, a default gateway, and a name server. You do not 
need to redo this network configuration later in the installation because it is already set up. The 
instructions for this come later in the installation procedure. (See “Installing OES 2 SP2 As a New 
Installation” on page 43.) 


Procedure 


To prepare a network installation source on a NetWare server, see Appendix C, “Setting Up an 
Installation Source on NetWare,” on page 225. 


To prepare a network installation source on a Linux or Window server, see “Setting Up the Server 
Holding the Installation Sources” (http://www.novell.com/documentation/sles10/sles_admin/data/ 
sec_deployment_remoteinst_instserver.html) in the SLES 10 SP3 Installation and Administration 
Guide (http://www.novell.com/documentation/sles10/sles_admin/data/book_sle_reference.html) 
and the following instructions. 


1 Download or copy the ISO image files to a directory of your choice. See “Getting and 
Preparing OES 2 Software” in the OES 2 SP2: Planning and Implementation Guide. 


2 Configure your Linux server to be a YaST installation server and select the location for the root 
of the network installation. 


The three protocol options to choose from for configuring the YaST installation server are NFS, 
FTP, and HTTP. For the protocol configuration procedures, see the following: 


+ “NFS Protocol Configuration” on page 40 
* “FTP Protocol Configuration” on page 41 
* “HTTP Protocol Configuration” on page 41 


FTP and HTTP do not allow you to serve the files without possible modifications to . conf 
files. NFS is the simplest protocol to configure and is recommended. 


3 Create a boot CD using the .iso image file for SUSE Linux Enterprise Server SP3 CD 1 and 
label it with that name. 


For information on creating this CD, see “Preparing Physical Media for a New Server 
Installation or an Upgrade” on page 42. 


This CD will be the network installation boot CD. 


With these steps completed, you are ready to perform a new installation or upgrade using a network 
installation source. See “Installing OES 2 SP2 As a New Installation” on page 43 or “Upgrading to 
OES 2 SP2” on page 113. 


NFS Protocol Configuration 


An NFS share can be shared easily from almost any location on your file system. Use the following 
procedure if you choose to use this protocol: 


1 At your network installation server, launch YaST. 
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Select Network Services, then click NFS Server. 
You might be prompted to install the NFS server. 


On the NFS Server configuration screen, select Start in the NFS Server section, select Open 
Port in Firewall in the Firewall section, then click Next. 


In the Directories section, click Add Directory and specify or browse to the directory where you 
have created the install root (source directory), then click OK. 


Accept the defaults in the pop-up window for adding a Host. 
If you are experienced with NFS configurations, you can customize the configuration. 
Click Finish. 


FTP Protocol Configuration 


These instructions use pure ftpd and can be installed using YaST. Depending on the FTP server you 
use, the configuration might be different. 


If you have created your install root (source directory) within your FTP root, you can forego the 
following procedure and simply start pure ftpd. 


The default configuration of pure ftpd runs in chroot jail, so symlinks cannot be followed. In order to 
allow FTP access to the install root created outside of the FTP root, you must mount the install root 
directory inside of the FTP root. 


If you have not created your install root within your FTP root and you choose to use this protocol: 


1 
2 


3 


4 


Create a directory inside of your FTP root. 

Run the following command: 

mount --bind /path to install root /path to directory in ftp root 
For example, 


mount --bind /tmp/OES /srv/ftp/OES 








(Optional) If you want to make this install root permanent, add this command to the /etc/ 
fstab file. 


Start pure ftpd. 


HTTP Protocol Configuration 


These instructions use Apache2 as provided by SLES 10. 


If you choose to use this protocol: 


1 


Modify the default-server.conf file of your HTTP server to allow it to follow symlinks 
and create directory indexes. 


The default-server.conf file is located in the /etc/apache2 directory. In the Directory 
tag of the default-server.conf file, remove None if it is there, add Fol lowSymLinks and 
Indexes to the Options directive, then save the changes. 


(Conditional) If the install root is outside of the HTTP root, create a symbolic link to the install 
root with the following command: 


ln -s /path to install root /path to link 


For example, 
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wn 


ln -s /tmp/OES /srv/www/htdocs/Ol 
3 Restart Apache. 


3.2.2 Preparing Physical Media for a New Server Installation or 
an Upgrade 


To prepare physical media for an installation or upgrade, you must first download ISO image files 
and then burn the CDs or DVDs that you need for your server. Detailed download instructions are 
available in “Getting and Preparing OES 2 Software” in the OES 2 SP2: Planning and 
Implementation Guide. 


Table 3-1 lists the image files you need, depending on whether your server has a CD drive or a CD/ 
DVD combo drive. 


Table 3-1 Files to Download 


Platform Files needed 


32-bit server with CD drive + ES-10-SP3-CD-i386-GM-CD1.iso 
ES-10-SP3-CD-i386-GM-CD2.iso 


S 
S 

* SLES-10-SP3-CD-i386-GM-CD3.iso 
S 
O 











ES-10-SP3-CD-i386-GM-CD4.iso 
ES2-SP2-1386-CD1l.iso 











32-bit server with CD/DVD drive * SLES-10-SP3-DVD-i386-GM-DVD1.iso 
+ 0ES2-SP2-1386-CD1l.iso 








64-bit server with CD drive + 





SLES-10-SP3-CD-x86_64-GM-CD1.iso 
SLES-10-SP3-CD-x86_64-GM-CD2.iso 
* SLES-10-SP3-CD-x86_64-GM-CD3.iso 
S 
O 








ES-10-SP3-CD-x86_64-GM-CD4.iso 
ES2-SP2-x86_64-CD1.iso 














64-bit server with CD/DVD drive * SLES-10-SP3-DVD-x86_64-GM-DVD1.iso 
* OES2-SP2-x86_64-CD1.iso 





32-bit server with CD drive + ES-10-SP3-CD-i386-GM-CD1.iso 
ES-10-SP3-CD-i386-GM-CD2.iso 


S 
S 

* SLES-10-SP3-CD-i386-GM-CD3.iso 
S 
O 

















ES-10-SP3-CD-i386-GM-CD4.iso 
ES2-SP2-i386-CD1.iso 











IMPORTANT: You can download the OES 2 CD and the SLES 10 DVD ISO files listed in Table 3- 
1 from the <OES 2 SP2 download page (Insert_URL)>. 
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The SLES 10 SP3 CD ISO files listed in Table 3-1 are only available on the <SLES 10 SP3 
download page (Insert_URL)>. 





Download the ISO files you need for your hardware capabilities. 

Insert a blank, writable CD or DVD into your CD or DVD burner. 

Select the option to create a CD or DVD from an image file. 

Select ZSO as the file type. 

Select the first image file (see Table 3-1) from the location you downloaded it to. 
Complete the CD or DVD creation process. 

Label the disk. 

Repeat this process for each of the ISO image files you downloaded. 


3.3 Installing OES 2 SP2 As a New Installation 


This section does not provide step-by-step installation instructions because the installation interface 
is mostly self-explanatory. It does, however, provide information about important steps in the 
process that you might need help with. 


on DU Fk WN = 


* Section 3.3.1, “Starting the OES 2 SP2 Installation,” on page 43 

¢ Section 3.3.2, “Specifying the Installation Mode,” on page 46 

¢ Section 3.3.3, “Specifying the Add-On Product Installation Information,” on page 47 
* Section 3.3.4, “Setting Up the Clock and Time Zone,” on page 48 


¢ Section 3.3.5, “Specifying the Installation Settings for the SLES Base and OES Installation,” 
on page 48 


¢ Section 3.3.6, “Specifying Configuration Information,” on page 54 


3.3.1 Starting the OES 2 SP2 Installation 


Insert the first disc of the SUSE Linux Enterprise Server 10 SP3 installation media that you created 
into the CD-ROM or DVD drive of the computer that you want to be your OES server, then boot the 
machine. Then continue with one of the following procedures: 

+ “Installation Using a Network Installation Source with DHCP” on page 43 

+ “Installation Using a Network Installation Source without DHCP” on page 44 

* “New Server Installation Using Physical Media or ISO” on page 46 


Installation Using a Network Installation Source with DHCP 
1 From the CD boot menu, select one of the following Installation options that matches your 
environment, but do not press Enter. 
¢ Installation: The normal installation mode. All modern hardware functions are enabled. 


¢ Installation—ACPI Disabled: If the normal installation fails, this might be because of 
the system hardware not supporting ACPI (advanced configuration and power interface). 
If this seems to be the case, use this option to install without ACPI support. 
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¢ Installation—Local APIC Disabled: If the normal installation fails, this might be 
because of the system hardware not supporting local APIC (advanced programmable 
interrupt controllers). If this seems to be the case, use this option to install without local 
APIC support. 


If you are not sure, try Installation—ACPI Disabled or Installation—Safe Settings first. 


¢ Installation—Safe Settings: Boots the system with the DMA mode (for CD-ROM 
drives) and power management functions disabled. Experts can also use the command line 
to enter or change kernel parameters. 


2 At this point you can pre-specify the IP address information, etc. on the Boot Options line (see 
“Using Custom Boot Options” in the SUSE Linux Enterprise Server Installation and 
Administration Guide (http://www.novell.com/documentation/sles10/book_sle_reference/data/ 
sec_deployment_remoteinst_bootinst.html#sec_deployment_remoteinst_bootinst_custom)), or 
you can continue with Step 3 and input everything as the install prompts you. 


If you want to specify boot options parameters, do it now. Then press Enter and continue with 
Step 6 on page 44. 


3 Press F4, and then select the network installation type (CD or DVD, SLP, FTP, HTTP, NFS, 
SMB/CIES) that you set up on your network installation server. 


See Step 2 on page 40 of the Preparing a Network Installation Source procedure. 
4 Specify the required information (server name and installation path), then select OK. 
5 Press Enter to begin the installation. 


Follow the screen prompts, referring to the information in the following sections as needed 
(remember that not all required selections are documented): 


6a “Specifying the Installation Mode” on page 46. 

6b “Specifying the Add-On Product Installation Information” on page 47. 

6c “Setting Up the Clock and Time Zone” on page 48. 

6d “Specifying the Installation Settings for the SLES Base and OES Installation” on page 48. 
6e “Specifying Configuration Information” on page 54. 

6f “Finishing the Installation” on page 71. 


7 Complete the server setup by following the procedures in “Completing OES Installation or 
Upgrade Tasks” on page 145. 


Installation Using a Network Installation Source without DHCP 
1 From the CD boot menu, select one of the following Installation options that matches your 
environment, then press Enter. 
¢ Installation: The normal installation mode. All modern hardware functions are enabled. 


¢ Installation—ACPI Disabled: If the normal installation fails, this might be because of 
the system hardware not supporting ACPI (advanced configuration and power interface). 
If this seems to be the case, use this option to install without ACPI support. 


¢ Installation—Local APIC Disabled: If the normal installation fails, this might be 
because of the system hardware not supporting local APIC (advanced programmable 
interrupt controllers). If this seems to be the case, use this option to install without local 
APIC support. 


If you are not sure, try Installation—ACPI Disabled or Installation—Safe Settings first. 
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* Installation—Safe Settings: Boots the system with the DMA mode (for CD-ROM 
drives) and power management functions disabled. Experts can also use the command line 
to enter or change kernel parameters. 


At this point you can pre-specify the IP address information, etc. on the Boot Options line (see 
“Using Custom Boot Options” in the SUSE Linux Enterprise Server Installation and 
Administration Guide (http://www.novell.com/documentation/sles10/book_sle_reference/data/ 
sec_deployment_remoteinst_bootinst.html#sec_deployment_remoteinst_bootinst_custom)), or 
you can press Enter, continue with Step 3, and input everything as the install prompts you. 


If you want to specify boot options parameters, do it now. Then press Enter and continue with 
Step 19 on page 45. 


When you receive the following error, select OK and press Enter: 








Could not find the SUSE Linux Enterprise Server 10 Installation source. 





Activating manual set up program. 

Select the language, then select OK and press Enter. 

Select a keyboard map, then select OK and press Enter. 

Select Start Installation or System, then select OK and press Enter. 
Select Start Installation or Update, then select OK and press Enter. 
Select Network, press Enter, then select OK and press Enter. 


Select the network protocol that matches the configured protocol on your network installation 
server, then press Enter. 


(Conditional) If you have more than one network interface card, select one of the cards, then 
press Enter. 


We recommend eth0. 

When prompted whether you want to use DHCP, select No, then press Enter. 
Specify the IP address for the server, then press Enter. 

Specify the subnet mask, then press Enter. 

Specify the gateway, then press Enter. 

Specify the IP address of a name server, then press Enter. 

Specify the IP address of the network installation server, then press Enter. 


(Conditional) Depending on the protocol you specified, you might see additional screens for 
FTP or HTTP. Select the options that are appropriate for your network, then continue with 
Step 18. 


Specify the path to your installation source on the network installation server, then press Enter. 
Follow the prompts, using the information contained in the following sections: 

19a “Specifying the Installation Mode” on page 46. 

19b “Specifying the Add-On Product Installation Information” on page 47. 

19c “Setting Up the Clock and Time Zone” on page 48. 

19d “Specifying the Installation Settings for the SLES Base and OES Installation” on page 48. 
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19e “Specifying Configuration Information” on page 54. 
19f “Finishing the Installation” on page 71. 


20 Complete the server setup by following the procedures in “Completing OES Installation or 
Upgrade Tasks” on page 145. 


New Server Installation Using Physical Media or ISO 


1 From the CD boot menu, select the second option (Installation), then press Enter. 
2 Select the language that you want to use, then click Next. 
3 Read and accept the license agreement, then click Next. 


4 (Conditional) If you haven’t already verified that the media you burned is valid, you can check 
it using the Media Check option; otherwise, click Next to continue with the installation. 


The installation process prompts you for each CD at the appropriate time. The progress status 
at the bottom of the screen indicates which CD will be requested next. 


5 Follow the prompts, using the information contained in the following sections: 
5a “Specifying the Installation Mode” on page 46. 
5b “Specifying the Add-On Product Installation Information” on page 47. 
5c “Setting Up the Clock and Time Zone” on page 48. 
5d “Specifying the Installation Settings for the SLES Base and OES Installation” on page 48. 
5e “Specifying Configuration Information” on page 54. 
5f “Finishing the Installation” on page 71. 


6 Complete the server setup by following the procedures in “Completing OES Installation or 
Upgrade Tasks” on page 145. 


3.3.2 Specifying the Installation Mode 


When selecting the type of installation, select New Installation. 


1 When the Installation Mode screen displays, select the following two menu options, then click 
Next: 


1. New Installation 
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2. Include Add-On Products from Separate Media 





Preparation m 
4 lanaiade D Installation Mode 





¥ License Agreement 
= System Analysis 
è Time Zone 


Installation 
e Installation Summary 
e Perform Installation 


Configuration 
e Root Password 

e Hostname 

e Network 

e Customer Center 
e Online Update 


Select Mode 
©) New Installation 


è Service 

è Users 

è Clean Up 

@ Release Notes 
ca X| Include Add-On Products from Separate Media 
e Hardware Configuration 











Help Back Abort (next) 


2 Continue with Section 3.3.3, “Specifying the Add-On Product Installation Information,” on 
page 47. 


3.3.3 Specifying the Add-On Product Installation Information 


When the Add-On Product Installation page displays: 


1 Click Add. 
2 Ifyouare installing OES 2 from a CD, do the following: 
2a In the Add-On Product Media dialog, click CD, then click Next. 


2b In the Insert the Add-On Product CD dialog, select the appropriate drive where you want 
to insert the OES CD. 


2c Click Eject. 
2d Insert the CD labeled Novell Open Enterprise Server 2 SP2 CD 1, then click Continue. 


3 Ifyou are using an alternate installation source, such as a network installation source, click the 
appropriate option for your situation, then click Next and supply the required information. 


4 Read and accept the Novell Open Enterprise Server 2 license agreement, then click Next. 


5 Confirm that the Add-On Product Installation page shows the correct path to the OES media, 
then click Next. 


6 Continue with Section 3.3.4, “Setting Up the Clock and Time Zone,” on page 48. 
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3.3.4 Setting Up the Clock and Time Zone 


1 Make sure the Clock, Region, Timezone, and Time and Date settings are what you want, then 
click Next. 


You can configure this information after the installation is complete, but it is easier to do it 
during the installation. 


2 Continue with Section 3.3.5, “Specifying the Installation Settings for the SLES Base and OES 
Installation,” on page 48. 


3.3.5 Specifying the Installation Settings for the SLES Base 
and OES Installation 


The Installation Settings page lets you specify which software and services are installed on your 
server. 


* Overview tab: This lets you specify everything that is normally required for an OES 
installation. 


* Expert tab: This lets you fully customize your SLES installation settings. For detailed 
information, see “Deployment” (http://www.novell.com/documentation/sles10/ 
book_sle_reference/data/part_setup.html) in the SLES 10 SP3 Installation and Administration 
Guide (http://www.novell.com/documentation/sles10/book_sle_reference/data/ 
book_sle_reference.html). Keep in mind, however, that the SLES guide does not contain 
instructions for OES-specific components or configurations. 





IMPORTANT: If you accept the defaults at this point in the installation process, only the base OES 
components are installed. 


You can add OES services later, but you should at least read the guidelines and follow the applicable 
procedures in the following sections: 

¢ “Setting Up Disk Partitions” on page 48 

* “Customizing the Software Selections” on page 52 


* “Accepting the Installation Settings” on page 53 





Setting Up Disk Partitions 


In most cases, YaST proposes a reasonable partitioning scheme that can be accepted without change. 
You can also use YaST to customize the partitioning. 

* “Guidelines” on page 49 

+ “NSS on the System Disk” on page 50 

* “Security Flag Recommendations” on page 50 

* “Partitioning X86 Machines” on page 51 

* “Disk Partition Statistics” on page 51 

* “Combining Hard Disk Partitions” on page 51 
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Guidelines 


Table 3-2 presents guidelines for setting up disk partitions on your OES server. For more 
information, see “Installation Settings” (http://www.novell.com/documentation/sles10/ 
book_sle_reference/data/sec_i_yast2_proposal.html) in the SLES 10 SP3 Installation and 
Administration Guide (http://www.novell.com/documentation/sles10/book_sle_reference/data/ 
book_sle_reference.html) 


Table 3-2 Partition Guidelines 


Partition Other Considerations 
to Create 


/boot Depending on the hardware, it might be useful to create a boot partition (/boot) to hold the 
boot mechanism and the Linux kernel. 


You should create this partition at the start of the disk and make it at least 8 MB or 1 cylinder. 
As a rule of thumb, always create such a partition if it was included in the YaST original 
proposal. If you are unsure about this, create a boot partition to be on the safe side. 





IMPORTANT: In a Xen VM installation, format the /boot partition using Ext2 as the file 
system. For a technical explanation of why this is necessary, see “Paravirtual Mode and 
Journaling File Systems (http://www.novell.com/documentation/sles10/xen_admin/data/ 
sec_xen_filesystem.html)” in the Virtualization with Xen (http:/www.novell.com/ 
documentation/sles10/xen_admin/data/bookinfo.html) guide. 








swap This should normally be twice the size of the RAM installed on your server, up to 1 GB. If you 
create a /boot partition, create the swap partition second. Otherwise, create the swap 
partition first. 





/ Define this partition as 3 GB or more. In all cases, create this partition after you create the 
swap partition. Keep in mind that this root (/) partition contains all of the partitions listed below 
that you don’t specifically create. 





/var This contains system logs and should therefore be a separate partition to avoid impacting 
system and service stability due to a disk-full condition. 


Define this partition as 4 GB or more. 





/opt Some (mostly commercial) programs install their data in /opt. 


Define this partition as 4 GB or more. 





/usr Creating this as a separate partition makes updating the server easier if you need to reinstall 
the system from scratch. 


Define this partition as 4 GB or more. 





/srv This contains the Web and FTP servers. 


Consider making this a separate partition to avoid having someone “flood” the disk by accident 
or on purpose, which impacts system and service stability. 





/home User Home directories go here. 


Consider making this a separate partition to avoid having someone “flood” the disk by accident 
or on purpose, which impacts system and service stability. 


You can allocate the rest of the disk space to this partition. 
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Partition Other Considerations 
to Create 


/tmp Creating this as a separate partition is optional. However, because it is writable by everyone, 
best practices suggest creating a separate partition to avoid having someone flood the disk by 
accident or on purpose, which impacts system and service stability. 





Place application specific files on a separate partition. 





If you are building a mail server, note where the mail spools reside because they can grow 
quite large, and you'll need to anticipate this when you are defining partition sizes. 


NSS on the System Disk 


For OES, Novell Storage Services™ (NSS) volumes can be used only as data volumes, not as 
system volumes. 


Additionally, they cannot be created as part of the install process. 


However, you must consider whether you will be creating them in the future on the storage device 
where you are installing Linux. (Creating NSS volumes on storage devices that don’t contain Linux 
system partitions requires no special handling.) 


The default volume manager for Linux POSIX volumes on SUSE Linux is LVM (Linux Volume 
Manager). However, NSS volumes cannot be created on devices managed by LVM; they require 
EVMS (Enterprise Volume Management System) instead. 





IMPORTANT: If you have only a single storage device on the server (such as a single physical disk 
or a hardware RAID 1 or RAID 5 device) and you plan to use NSS volumes for storing data, you 
must follow the instructions in “Installing with EVMS as the Volume Manager of the System 
Device” on page 213 to partition that storage device before proceeding. 


You must also follow the EVMS setup instructions if you are creating Linux system partitions on 
other storage devices that you also want to contain NSS volumes. 





Security Flag Recommendations 


The following table indicates the recommended security flags for each partition. A question mark 
indicates that some software might not work if this flag is set. 


Mount Point Mount Options 

/ 

/var nosuid 

/tmp nosuid 

/home nosuid, nodev, noexec? 

/srv nosuid?, nodev?, noexec?, ro? (after 
installation) 

/usr/local nosuid?, nodev?, ro? (after installation) 
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Please note that the installation process for proprietary software might fail if files in /tmp cannot be 
suid and devices may not work in /usr/local, etc. In such cases, remount those partitions temporarily 
with security deactivated. 


Partitioning X86 Machines 
¢ There can be a maximum of four primary partitions or three primary partitions and one 
extended partition (an extended partition can hold 15 (SCSI) or 63 (IDE) logical partitions). 


* Each partition is assigned a partition type, depending on the file system planned for the 
partition. 


¢ Each partition holds its own file system. 


¢ Partitions are mounted into the file system tree at mountpoints. The content of the partition is 
visible to users with sufficient access privileges below the mountpoint. 


¢ One of the partitions has to hold the root (/) file system (other partitions can be integrated into 
the root file system using the mount command). 


¢ The /etc/fstab file holds partition and mount point information to allow automatic mounting at 
boot time. 


* Device files in the “device” (/dev) partition are used to represent and address partitions; for 


example: 

/dev/hda Master disk on the first IDE channel 

/dev/hdal First primary partition on that disk 

/dev/hda5 First logical partition with an extended partition on 
that disk 

/dev/sdb Second SCSI disk 


/dev/sdb3 Third primary partition on that disk 


Disk Partition Statistics 


Use the following to get information about system storage usage: 


df disk free prints information about partitions 

df -h Provides information in Megabyte or Gigabyte as 
applicable (human readable format) 

du Displays disk usage 

du /dirA Displays size of each file and directory in dirA 

du -sh Prints a summary of information in Megabyte or 
Gigabyte 


Combining Hard Disk Partitions 


* Partitions from two or more hard disks can be combined using the logical volume manager 
(LVM). 


¢ Partitions (physical volumes) can be combined into a volume group, which in turn, can be 
divided into logical volumes that contain their own file systems. 
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Doing this increases flexibility as physical volumes can be easily added to the volume group if more 
storage space is needed. Logical volumes can be increased while the machine is up and running. 


Customizing the Software Selections 





IMPORTANT: To install any of the OES patterns, you must customize the software selections. If 
you don’t make any selections, only the base SLES 10 and base OES packages are installed. 
However, you can install any of the patterns after the base SLES installation is complete. See 
“Installing/Configuring OES 2 SP2 on an Existing Server” on page 107. 





To customize which software packages are installed on the server: 


1 Onthe Installation Settings page, click Software. 


The Open Enterprise Server add-on adds the OES Services category of patterns to the base 
software selection categories offered by the SLES 10 installation. OES Services include 
patterns that contain Novell services or products such as Novell DNS and DHCP services, 
iPrint, or iManager. 


None of the OES Services is selected by default. This lets you fully customize your OES server. 
2 At this point, you can do the following to customize your software selections: 


* Select any number of the OES Services patterns. 





This dialog allows you |< 

to define this system's 

tasks and what 

software to install — — — = — 
pazi Novell AppArmor a] — 

Available tasks and 

software for this [] High Availability Server Base System 

system are shown by N, Documentation | 

re he gl (2 OES Services 


| 

column. To view a O Novell AFP 

description for an 

item, selectitinthe O Novell Archive and Version Ser. 
Novell Backup / Storage Manag 


a Software Selection and System Tasks 











This is the base Novell SUSE Linux runtime system 


list 


Change the status of 
an item by clicking its 
status icon or 
right-click any icon for 
a context menu. With 
the context menu, you 
can also change the 
status of all items. 


Details opens the 
detailed software 
package selection 
where you can view 
and select individual 
software packages. 


The disk usage 
display in the lower 
right corner shows the 
remaining disk space 
after all requested 
changes will have 
been performed. Hard 
disk partitions that are 
full or nearly full can 
denrade system 








0000000000000000000 


Novell CIFS 

Novell Cluster Services (NCS) 
Novell DHCP 

Novell DNS 

Novell Domain Services for Win 
Novell eDirectory 

Novell FTP 

Novell iFolder 

Novell iManager 

Novell iPrint 

Novell Linux User Management. 
Novell NCP Server/ Dynamic St. 
Novell NetStorage 

Novell Pre-migration Server 
Novell QuickFinder 

Novell Remote Manager (NRM) 
Novell Samba 

Novell Storage Services (NSS) 





Details.. 


Cancel 


a 
X 





Name Disk Usage Used |Free Total | 





I 123% 1.7 GB 5.3 GB 7.0 GB 














A description of each pattern displays to the right of the pattern when it is selected. For a 
description of OES Services patterns and the components selected with each pattern, see 
Table 2-4 on page 29. 


You can manually change the default SLES selections by changing the install status and 
selecting the patterns offered in each category. 
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IMPORTANT: If you deselect a pattern after selecting it, you are instructing the 
installation program to not install that pattern and all of it dependent patterns. Rather than 
deselecting a pattern, click Cancel to cancel your software selections, then click the 
Software heading again to choose your selections again. 


Selecting only the patterns that you want to install ensures that the patterns and their 
dependent patterns and packages are installed. 


If you click Accept, then return to software pattern selection page, the selections that you 
made become your base selections and must be deselected if you want to remove them 
from the installation proposal. 





You must install at least one of the SLES Base Technologies patterns. 


Selecting a pattern automatically selects the other patterns that it depends on to complete 
the installation. 


* You can view the details of your selection and add or remove specific packages for the 
installation by clicking Details. 


File Package Extras Help 

































































Filter: | Patterns ha | Package Summary EL 
wij aaa_base SUSE Linux Base Package E 
| Pattern + (i aaa_skel Skeleton for Default Users 
= iw acl Commands for Manipulating POSIX Access Control List 
Mi Server Base System Mw acpid Executes Actions at ACPI Events 
[] Common Code Base WF ash The Ash Shell 
pW Novell AppArmor | W at A Job Manager 
O High Availability | Wi attr A Command to Manipulate File System Extended Attrit 
R Documentation | i audit-libs Dynamic library for libaudit 
= Wi autofs A Kernel-Based Automounter 
[L] Novell AFP pj autoyast2 YaST2 Automated Installation 
LU Novell’Archive anid version Services | iw autoyast2-installation YaST2 - Auto Installation autofs 
fa Nai a dale i bash The GNU Bourne-Again Slq 1.4-23.27.2-i586 
i bc GNU Command Line Calculator 
[C] Naven Chiste Senees (Nes) WA bind-libs Shared libraries of BIND 
O Novell BHE Wi bind-utils Utilities to query and test DNS A 
[] Novell DNS yy binutils GNU Binutils E 
El Novell Domain Services for Windows i ibti iii iaia ei z) 
Novell eDirectory KI! Li | «|» 
D Novell FTP 
[C] Novell iFolder Description | Technical Data | Dependencies | Versions | 
[O Novell iManager — a - - 
[U Novell iPrint aaa_base - SUSE Linux Base Package 
Wi Novell Linux User Management (LUM) a) 
O Novell NCP Server / Dynamic Storage T... br | This package installs several important configuration files. Central scripts like 
SuSEconfig are also in this package. 
| Name | Disk Usage | Used | Free | Total Il 
I 25% 18GB 5.2 GB 7.0 GB 
| Check | |_| Autocheck Cancel | Accept 

















3 When you have the software components selected that you want to install, click Accept. 
4 If prompted with the license agreement for Professional TrueType Fonts, click Accept. 
5 (Conditional) If the prompt for Automatic Changes displays, click Continue. 


6 (Conditional) If prompted, resolve any dependency conflicts. 


Accepting the Installation Settings 


1 Review the final Installation Summary page to ensure that you have all the Installation settings 
you desire. 
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2 After you have changed all the Installation Settings as desired, click Accept. 
3 On the Confirm Installation page, click Install. 
The base installation settings are applied and the packages are installed. 


4 For installations using a network installation source, you can remove the network boot CD 
(SLES 10 SP3 CD 1) from the CD drive. 


5 For installations using a CD or DVD installation source, leave the CD or DVD in the CD-ROM 
or DVD drive. 


6 After the server reboot, proceed with “Specifying Configuration Information” on page 54. 


3.3.6 Specifying Configuration Information 


When the server reboots, you are required to complete the following configuration information: 


. “Specifying the Password for the System Administrator “root” on page 54 
. “Specifying Network Configuration Settings” on page 55 

. “Testing the Connection to the Internet” on page 57 

. “Specifying Novell Customer Center Configuration Settings” on page 57 
“Updating the Server Software During the Installation” on page 60 
“Specifying Service Configuration Settings” on page 63 

“Specifying LDAP Configuration Settings” on page 64 

“Specifying eDirectory Configuration Settings” on page 66 


CMI DAR WN 


“Configuring Novell Open Enterprise Server Services” on page 70 


Specifying the Password for the System Administrator “root” 
In the Password for the System Administrator root page, 


1 Specify the password for the root administrator. 


For security reasons, the root user’s password should be between five and eight characters 
long and should contain a mixture of both uppercase and lowercase letters and numbers. The 
maximum length for passwords is 72 characters, and passwords are case sensitive. If you have 
a password longer than eight characters, click Expert Options > Blowfish > OK. 


2 Confirm the password. 
3 Click Next. 


Specifying the Hostname and Domain Name 


On the Hostname and Domain Name page, 


1 Specify the DNS hostname associated with the IP address you have or will assign to the server. 
2 Specify the DNS domain name for the server. 

3 Deselect Change Hostname via DHCP. 

4 Click Next. 
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Specifying Network Configuration Settings 


On the Network Configuration page, you can change the configuration for the components listed 
below. In this section, we only give details for the Network Interfaces and Firewall settings. 

* “Network Interface” on page 55 

* “Firewall” on page 56 


Configuration success is directly tied to specific networking configuration requirements. Make sure 
that the following settings are configured exactly as specified for the Network Interfaces dialogs. 


. Network Mode 

. Firewall 

IPV6 

. Network Interfaces 

DSL Connections 

. ISDN Adapters 

Modems 

VNC Remote Administration 


. Proxy 


Network Interface 
Specify the setting for each network board on the server: 


1 On the Network Configuration page, click Network Interfaces. 


2 Inthe Network Card Configuration Overview dialog, select the network card you want to 
configure, then click Edit. 


3 Select Static Address Setup, then specify the IP address and the subnet mask for the interface. 


By default, the OES installation requires you to configure the network card to use a static IP 
address. 


4 In the Detailed Settings list, select Hostname and Name Server. 


4a In the Name Servers and Domain Search List panel, specify from one to three DNS server 
IP addresses. 


4b Click OK to return to the Detailed Settings list. 
5 In the Detailed Settings list, select Routing. 


5a Specify the IP address of the default gateway on the subnet where you are installing the 
OES server. 


5b Click OK to return to the Detailed Settings list. 
6 Click Next to return to the Network Card Configuration Overview dialog. 


7 Complete Step 2 through Step 6 for each network board, then click Next to return to the main 
Network Configuration page. 


Installing OES 2 SP2 


55 


Firewall 


For security reasons, a firewall is started automatically on each configured interface. The 


configuration proposal for the firewall is updated automatically every time the configuration of the 


interfaces or services is modified. 


Many of the OES services require an open port in the firewall. Table 3-3 shows the ports that are 


automatically opened when each listed OES service is configured. 


Table 3-3 Open Enterprise Server Services and Ports 





Service Default Ports 
Domain Services for Windows * 1636 
eDirectory™ + 389 (Idap) 


+ 


+ 


636 (secure Idap) 

8028 (http for iMonitor) 

8030 (secure http for iMonitor) 
524 (ncp) 











iManager + 80 http 
* 443 secure http 
iPrint + 80 http 
* 443 secure http 
* 631 ipp 
Novell AFP * 548 
Novell Archive and Version Services * 26029 

















Novell CIFS + 636 (secure Idap) 
Novell DHCP * 67 
Novell DNS * 53 http 

* 953 secure http 
Novell FTP * 21 
Novell Information Portal + 80 http 


443 secure http 





Novell NetWare Core Protocol (NCP™) 


524 





Novell Remote Manager 


8008 http 
8009 secure http 





OpenWBEM 


QuickFinder™ 
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5988 http 
5989 secure http 


80 http 
443 secure http 


Service Default Ports 


Samba + 139 (netbios) 
* 445 microsoft-ds 











Secure Shell * 22 
Storage Management Services (Backup) * 40193 smdr daemon 
UDP * 524 


To adapt the automatic settings to your own preferences, 


1 Click Change > Firewall. 


2 Inthe left panel select the settings you want to change, then make the changes in the right 
panel. 


3 When you are finished, click Accept. 
For more information about the firewall, see Section 44.4.1, “Configuring the Firewall with YaST” 
in the SUSE Linux Enterprise Server Installation and Administration Guide (http:// 


www.novell.com/documentation/sles10/book_sle_reference/data/ 
sec_fire suse.html#sec_fire_suse_yast). 


To disable the firewall: 
1 On the Network Configuration page, under the Firewall heading, click enabled on the Firewall 
is enabled status line. 
When the firewall is disabled, the status for Firewall should read Firewall is disabled. 


2 When all settings in the Network Configuration page are set as desired, click Next to save the 
configuration, then continue with “Testing the Connection to the Internet” on page 57. 


Testing the Connection to the Internet 
On the Test Internet Connection page: 


1 Select Yes, Test Connection to the Internet, then click Next. 


Obtaining the latest SUSE release notes might fail at this point. If it does, view the log to verify 
that the network configuration is correct, then, click Next. 


If the network configuration is not correct, click Back > Back and fix your network 
configuration. See “Network Interface” on page 55. 


Skipping this test also skips downloading release notes, configuring the Novell Customer 
Center, and updating online. 


2 Continue with “Specifying Novell Customer Center Configuration Settings” on page 57. If you 
skip this test, continue with “Specifying Service Configuration Settings” on page 63. 


Specifying Novell Customer Center Configuration Settings 


To receive support and updates for your OES 2 SP2 server, you must register it in the Novell 
Customer Center (NCC). When the Novell Customer Center Configuration page is displayed, you 
have two options. You can choose to register the server during the installation or register it later. 
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To register the server and get online update after the installation is complete: 


1 Click Configure Later. 
2 Continue with “Specifying Service Configuration Settings” on page 63. 


3 Register the server after the installation is complete by using the procedures in Section 7.3, 
“Registering the Server in the Novell Customer Center,” on page 151. 


To register the server during the installation: 
1 On the Novell Customer Center Configuration configuration page, select all of the following 
options, then click Next. 
Option What it Does 


Configure Now Proceeds with registering this server and the SLES 10 SP3 and OES 2 
SP2 product in the Novell Customer center. 





Hardware Profile Sends the information to the Novell Customer Center about the hardware 
that you are installing SLES 10 SP3 and OES 2 SP2 on. 





Optional Information Sends optional information to the Novell Customer Center for your 
registration. For this release, this option doesn’t send any additional 
information. 





Registration Code Makes the registration with activation codes mandatory. 





Regularly Synchronize Keeps the installation sources for this server valid. It does not remove any 
with the Customer installation sources that were manually added. 
Center 


2 After you click Next, the following message is displayed. 
Contacting server.. 


This may take a while 


Wait until this message disappears and the Manual Interaction Required page displays. 


3 On the Manual Interaction Required page, note the information that you will be required to 
specify, then click Continue. 


4 On the Novell Customer Center Registration page, specify the required information in the 
following fields, then click Submit: 


Field Information to Specify 


Email Address The e-mail address for your Novell Login account. 





Confirm Email Address The same e-mail address for your Novell Login account 





Activation Code for Specify your purchased or 60-day evaluation registration code for the 
SLES Components SLES 10 product. 
(optional): 


If you don’t specify a code, the server cannot receive any updates or 
patches. 
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Field Information to Specify 





Activation Code for Specify your purchased or 60-day evaluation registration code for the OES 
OES Components 2 product. 
(optional): 
If you don’t specify a code, the server cannot receive any updates or 
patches. 
System Name or Specify a description to identify this server. 


Description (optional): 


5 When the message to complete the registration displays, click Continue. 


Mozilla Browser 





File Edit View Go 


GO 


Novell Customer Center System Registration 


To complete the process of registering this system and getting access to online updates, you need to finish the 
registration process. To proceed, click the Continue button 


To change the registration or subscription information for this system, you can log in to the Novell Customer Center at 
any time using the same credentials that you use to log in to your Novell Login account. You can access the Novell 
Customer Center at http:/Amww.novell.com/center 


If you do not yet have a Novell Login account, please create one and make sure that you use the same e-mail address 
that you used when registering this system 


To create the Novell Login account, access the Novell web site at http://www. novell.com/createaccount 





For your convenience, you will be senta follow up e-mail with this information 


Continue » 


N 


© 2008 Novell, Inc. All Rights Reserved 


6 After you click Continue, the following message is displayed with the Manual Interaction 
Required screen. 


Contacting server... 


This may take a while 





Wait until this message disappears and Novell Customer Center Configuration page displays. 


7 When you see the message Your configuration was successful on the Novell Customer 
Center Configuration page, click OK. 
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Novell Customer Center Configuration 


Your configuration was successful. 


An update server has been added to your configuration 





| Details... 





8 Continue with “Updating the Server Software During the Installation” on page 60. 


Updating the Server Software During the Installation 


If you have a successful connection to the Internet and have registered the server in the Novell 
Customer Center, the server displays the Online Update dialog. You can run the online update now 
or skip it and get updates later. 


To skip getting updates during the installation: 


1 On the Online Update page, click Skip Update. 
2 Continue with “Specifying Service Configuration Settings” on page 63. 


To get updates during the installation: 


1 Inthe Online Updates dialog, click Run Update. 





Preparation 


2, Online Update 








Configuration 
Perform Update 
Network 


Run Online Update now? 





© Run Update 
Skip Update 











Help | Back Ped] 


2 On the page that shows that updates are available, select the updates that you want to install, 
then click Accept. The check marks that are shown on the summary portion of the page are 
patches that have already been installed on your system. 
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File Package Patch Extras Help 














fl fetchmsttfonts.sh 

O 0es2-ifolder3-enterprise 

O oes2-nici 

O 0es2-novell-arkmanager 
O oes2-novell-bind 

O oes2-novell-cluster-services 
O oes2-novell-cluster-services-cli 
O oes2-novellfilesystem 

O 0es2-novell-imanager 

CD] ces2-novell-iprint-server 
[C oes2-novell-kerberos-base 
O cesz-novelllum 

O 0es2-novell-migration 

O oes2-novell-ncpserv 

[O cesz-novell-NDSbase 

[ ] 0es2-novell-netstorage 


Recommended update for the Linux kernel 

Recommended update for yast2-inetd 

«f Recommended update for fetchmsttfonts.sh 

f Recommended update for ifolder3-enterprise and others 

sf Recommended update for nici and others 

sf Recommended update for novell-arkmanager and others 
«f Recommended update for novell-bind and others 

sf Recommended update for novell-cluster-services and others 
sf Recommended update for novell-cluster-services-cli and others 
sf Recommended update for novell-filesystem and others 

f Recommended update for novell-imanager and others 

«f Recommended update for novell-iprint-server and others 

sf Recommended update for novell-kerberos-base and others 
wv Recommended update for novell-lum and others 

«f Recommended update for novell-migration and others 

sf Recommended update for novell-ncpserv and others 

f Recommended update for novell-NDSbase and others 

sf Recommended update for novell-netstorage and others 























Show Patch Category: | Installable Patches 





Summary 


O kernel-debug A Debug Version of the Kernel 

O kernel-default The Standard Kernel 

O kernel-kdump kernel for kdump 

va kernel-smp Kernel with Multiprocessor Support 
[] kernel-source The Linux Kernel Sources 

O kernel-syms Kernel Symbol Versions (modversio| 
O kernel-xen The Xen Kernel 

O kernel-xenpae The Xen Kernel with PAE support 








Patch Description 





slesp1-kernel - Recommended update for the Linux kernel 


Update of Linux Kernel on x86 to trigger KMP installation during SP1 installation. 


This update will trigger installation of NVidia or ATI drivers during SLE10 SP1 one update if you have a graphics driver 


supported on of these drivers in your system. 











Disk Usage 





[1% 19GB 1844GB 1863 GB 





‘ ap) 





Description | Technical Data | Dependencies 4 » 








kerne+bigsmp - Kernel with Multiprocessor 
Support and PAE 


This kernel supports up to 64GB of main memory. It 
requires Physical Addressing Extensions (PAE), 
which were introduced with the Pentium Pro 
processor. 


Source Timestamp: 2007/05/17 14:00:09 UTC CVS 
Branch: SLES10_SP1_BRANCH 























Check | [-] Autocheck Accept 





page, click Next. 


3 When you see the message, Installation finished on the Patch Download and Installation 
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Preparation 

Language 

License Agreement 
System Analysis 
Add-On Products 

V TimeZone Retrieving yast2-inetd 

Downloading patch RPM ./rpm/noarch/yast2-inetd-2.13.8-0.7.noarch.patch.rpm OK 

Installation Installing /rpm/noarch/yast2-inetd-2.13.8-0.7.noarch.rpm: "YaST2 - Network Services Configuration" OK 
Y Installation Summary Installation finished. 

vV > Perform Installation 


& Patch Download and Installation 





v 
v 
v 
v Progress Log 





Configuration 

Root Password 
Hostname 
Network 
Customer Center 
Online Update 
Service 

OES Configuration 
Users 

Clean Up 

Release Notes 
Hardware Configuration 


coee0s00ofp<<<< 








Package Installation Progress 
Total Progress 

















[ Help _ Back | | Abort J 





4 Ifthe update makes changes to YaST, the following message displays. Click OK to restart 
YaST. 


Packages for package management were updated. 
Finishing and restarting now. 





5 Because the installation was interrupted, the following message displays. Click Yes to continue 
with the installation. 


Starting Installation... 


The previous installation has failed. 
Would you like it to continue? 


Note: You may have to enter some information again. 





(so | 





6 The online update displays again with additional updates. If a patch has changes to the kernel, 
you might want to deselect it and install it later after the installation is complete. For 
procedures, see “Updating (Patching) an OES 2 SP2 Server” on page 149. 


If you do install patches that have changes to the kernel, click OK when you see the following 
message. 
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The kernel has been updated. The system will 
reboot now then continue the installation. 





7 Because the installation was interrupted again, the following message displays. Click Yes to 
continue with the installation. 


Starting Installation... 


The previous installation has failed 
Would you like it to continue? 


Note: You may have to enter some information again. 





8 After all the patches are installed, continue with “Specifying Service Configuration Settings” 
on page 63. 


Specifying Service Configuration Settings 


1 Inthe Installation Settings page, select or deselect the following options: 


CA Management: You can accept the default settings or change the settings for a greater 
security level. 


The certificate that is created is used by the Apache Web server. If you disable this 
configuration, each service that uses Apache will not work. The option to run the CA 
Management configuration is selected by default. 


For more information about Certificate Authority Management, see in the “Managing X.509 
Certification” in the SUSE LINUX Enterprise Server 10 Installation and Administration Guide 
(http://www.novell.com/documentation/sles10/book_sle_reference/data/cha_yast_ca.html). 


Do Not Enable OpenLDAP Server: Because the Novell eDirectory LDAP server replaces the 
SLES 10 OpenLDAP server, you must not enable this option. It is disabled by default. 


2 Ifyou updated the server during the installation, the default settings for CA management loses 
the root password. You need to reset the password for root in this dialog’s settings. 
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Preparation 

Language 

License Agreement 
System Analysis 
Add-On Products 

V TimeZone 


v 
v 
v 
v 


Installation 
¥ Installation Summary 
V Perform Installation 


Configuration 

Root Password 
Hostname 
Network 
Customer Center 
Online Update 
Service 

OES Configuration 
Users 

Clean Up 

Release Notes 
Hardware Configuration 


coeoo0o0fg<qu<< 





M] Installation Settings 





Skip Configuration 
@) Use Following Configuration 


CA Management 
Unable to retrieve the system root password. Set a CA password to continue. 


Creating default CA and certificate. 
With higher security requirements, you should change the password. 


® CA Name: YaST_Default_CA 

e Common Name: YaST Default CA (tie2) 
® Server Name: tie2 provo.novell.com 

e Country: US 

® Password: [root password] 

® E-Mail: postmaster@provo.novell.com 


OpenLDAP Server 


Start LDAP Server: NO 


Change... v 











Help Abort 





2a On the Installation Settings page, click the CA Management link. 
2b On the Managing CA and Certificates page, click Edit Default Settings. 


2c On the Edit Default Settings page, enter the password for root in the Password and 
Confirm Password fields, then click Next. 


3 When the setting are as desired, click Next and continue with one of the applicable procedures 
as follows: 


* “Specifying LDAP Configuration Settings” on page 64. 
* “Specifying eDirectory Configuration Settings” on page 66. 


Specifying LDAP Configuration Settings 


Many of the OES services require eDirectory. If eDirectory was not selected as a product to install 
on this server but other OES services that do require LDAP services were installed, the LDAP 
Configuration service displays expecting you to in complete the required information. 


To specify the required information on the Configured LDAP Server page: 
1 Inthe eDirectory Tree Name field, specify the name for the existing eDirectory tree that you are 
installing this server into. 


2 In the Admin Name and Context field, specify the name and context for user Admin in the 
existing tree. 


3 In the Admin Password Name field, specify a password for user for user Admin in the existing 
tree. 
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4 Add the LDAP servers that you want the services on this server to use. The servers that you add 
should hold the master or a read/write replica of eDirectory. Do the following for each server 


you want to add. 
4a Click Add. 


4b On the next dialog, specify the following information for the server to add, then click Add. 


* IP Address 


* LDAP port and secure LDAP port 


LDAP Server Configuration ~ 
Use this dialog to specify 

eDirectory LDAP server 

information for the OES services 
you install on this server. 


eDirectory Tree Name 
Specify the eDirectory tree that 
you are installing this server into. 


Admin Name and Context 
Specify the fully distinguished, 
typeful name of a user with 
administrative rights in the tree. 
Use LDAP format. 

For example, 
cn=admin,o=organization. 


Admin Password 
Specify the password for the 
eDirectory Admin user. 


Configured LDAP Servers 
The eDirectory LDAP servers 
listed in this table are servers that 
can be used to configure other 
OES services on this server. 
Each added server must have 
either the master or a read/write 
replica of the eDirectory tree. The 
first server added to the list 
becomes the default server for 
the installed and configured OES 
services to use. 


If you are creating a new tree, the 
server you are installing has the 
master replica. 


If you are installing into an 

existing tree, this server might not 
have a replica copied to it, 
depending on the tree 
configuration. For details, see the 
eDirectory 8.8 documentation. 
http: //www. novell .com/doc 


Add 

Click this option to add an 
eDirectory LDAP server to the 
Configured LDAP Servers table. 


This opens an additional dialog = 
af i «| 


expected, then click Next. 


Configured LDAP Servers 











Directory Tree Name 


9-tree 


Admin name and context 





cn=admin.o=novell 


Admin password 
LASEL 


Configued LDAP Servers 


IP Address LDAP Port Secure LDAP Port |Server 
192.65.47.12 389 636 remote; 


Add Delete 


Back Abort Next | 


5 When all the LDAP servers that you want to specify are listed, click Next. 
6 Verify that the Novell Open Enterprise Server Configuration page displays the settings that you 
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Preparation 


Q Novell Open Enterprise Server Configuration 





v Language 

Y Ucense Agreement 

’ 

z Skip Configuration 

x = Use Following Configuration 

porre LDAP Configuration for Open Enterprise Services 
v Update Summary 

v Perform Update Configure is enabled 

Configuration ® LDAP Server Address: 192.65.47.12 

Y Network i 

Y Customer Center iManager 

v Online Update Configure is enabled 

+ OES Configuration 

e Users * eDirectory tree name: 9-tree 

= c i Up * eDirectory admin name with context cn=admin,o*novell 
. 


Release Notes Linux User Management 
Configure is enabled 


* LDAP admin name with context cn=admin,o=novell 

© LDAP server IP address: 192.65.47.12 

© Linux/Unix config context: o*novell 

® LUM workstation context osnovell 

* Proxy user name with context 

* Restrict read and wnte access of LUM enabled users: yes 

* PAM-enabled services to allow authenticaton via eDirectory 
* login: yes 


+ rsh: yes 

* rlogin: yes 

© xdm: yes 

* openwbem: yes 

© gdm: no 

* gdm-autologin: no 

+ gnome-passwd: no 

+ gnome-screensaver: no 
® gnomesu-pam: no 


Storage Management Services (SMS) 


Configure is enabled 
® LDAP Server: 192.65.47.12 


Change... + 








Help Back Next 


7 Continue with “Configuring Novell Open Enterprise Server Services” on page 70. 


Specifying eDirectory Configuration Settings 


When specifying eDirectory Configuration Settings, you can specify information to create a new 
tree and install the server in that new tree or you can install the server into an existing tree by 
specifying the information for it. Use the following instructions as applicable: 

+ “Creating a New eDirectory Tree and Installing the Server in It” on page 66 


¢ “Tnstalling the Server into an Existing eDirectory Tree” on page 67 


Creating a New eDirectory Tree and Installing the Server in It 


1 On the eDirectory Configuration - New or Existing Tree page, select New Tree. 


2 Inthe eDirectory Tree Name field, specify a name for the eDirectory tree that you want to 
create. 


3 Services that provide HTTPS connectivity are configured to use either an eDirectory certificate 
or the YaST self-signed common server certificate created in Step 1 on page 63. 


The Use eDirectory Certificates for HTTPS Services check box is selected by default so that the 
existing YaST server certificate and key files will be replaced with eDirectory server certificate 
and key files. 


Because self-signed certificates provide minimal security and limited trust, you should consider 
using eDirectory certificates instead. 


66 OES 2 SP2: Installation Guide 


The default YaST server certificate and key files are: 
* Key file: /etc/ssl/servercerts/serverkey.pem 





* Certificate file: /etc/ssl/servercerts/servercert.pem 





The eDirectory server certificate and key files are: 


* Key file: /etc/ssl/servercerts/eDirkey.pem 





* Certificate file: /etc/ssl/servercerts/eDircert.pem 





For more information on certificate management, see “Certificate Management” in the OES 2 
SP2: Planning and Implementation Guide. 


4 Inthe following fields on the eDirectory Configuration - New Tree Information dialog, specify 
the required information. 


* The fully distinguished name and context for the user Admin on the existing server 
* The password for user Admin on the existing server. 
5 Click Next. 


6 Inthe eDirectory Configuration - Local Server Configuration dialog, specify the following 
information: 


* The context for the server object in the eDirectory tree. 
* A location for the eDirectory database. 


The default path is /var/opt/novell/eDirectory/data/dib, but you can use this option to 
change the location if you expect the number of objects in your tree to be large and the 
current file system does not have sufficient space. 


* The ports to use for servicing LDAP requests. 
The default ports are 389 non-secure and 636 secure. 

¢ The ports to use for providing access to the iMonitor application. 
The default ports are 8028 non-secure and 8030 secure. 


7 Click Next and continue with “Specifying Synchronizing Server Time Options” on page 68. 


Installing the Server into an Existing eDirectory Tree 


1 Inthe eDirectory Configuration - New or Existing Tree screen, select Existing Tree. 
2 In the eDirectory Tree Name field, specify a name for the eDirectory tree you want to join. 


3 Services that provide HTTPS connectivity are configured to use either an eDirectory certificate 
or the YaST self-signed common server certificate created in Step | on page 63. 


The Use eDirectory Certificates for HTTPS Services check box is selected by default so that the 
existing YaST server certificate and key files will be replaced with eDirectory server certificate 
and key files. 


Because self-signed certificates provide minimal security and limited trust, you should consider 
using eDirectory certificates instead. 


The default YaST server certificate and key files are: 





* Key file: /etc/ssl/servercerts/serverkey.pem 





* Certificate file: /etc/ssl/servercerts/servercert.pem 
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The eDirectory server certificate and key files are: 





* Key file: /etc/ssl/servercerts/eDirkey.pem 





* Certificate file: /etc/ssl/servercerts/eDircert.pem 


For more information on certificate management, see “Certificate Management” in the OES 2 
SP2: Planning and Implementation Guide. 


4 Inthe following fields on the eDirectory Configuration - Existing Tree Information dialog, 
specify the required information. 


* The IP address of an existing eDirectory server with a replica 
* The NCP port on the existing server 
* The LDAP and secure LDAP port on the existing server. 
¢ The fully distinguished name and context for the user Admin on the existing server 
* The password for user Admin on the existing server. 
5 Click Next. 


6 Inthe eDirectory Configuration - Local Server Configuration dialog, specify the following 
information: 


* The context for the server object in the eDirectory tree. 
* A location for the eDirectory database. 


The default path is /var/opt/novell/eDirectory/data/dib, but you can use this option to 
change the location if you expect the number of objects in your tree to be large and the 
current file system does not have sufficient space. 


¢ The ports to use for servicing LDAP requests. 
The default ports are 389 non-secure and 636 secure. 

¢ The ports to use for providing access to the iMonitor application. 
The default ports are 8028 non-secure and 8030 secure. 


7 Click Next and continue with “Specifying Synchronizing Server Time Options” on page 68. 


Specifying Synchronizing Server Time Options 
eDirectory requires that all OES servers, both NetWare and Linux, are time-synchronized. 

1 Inthe eDirectory Configuration - NTP & SLP page, use the Network Time Protocol (NTP) 
Server field to specify the time source that you want all the servers in the tree to use. 
Specify the IP address or DNS hostname of an NTP server. 

For the first server in a tree, we recommend specifying a reliable, external time source. 


When installing multiple servers in to the same eDirectory tree, make sure that all servers point 
to the same time source and not to server holding the master replica. For example, 
time.novell.com or some other time source. 


For servers joining a tree, specify the same external NTP time source that the tree is using, or 
specify the IP address of a configured time source in the tree. A time source in the tree should 
be running time services for 15 minutes or more before connecting to it, or the time 
synchronization request for the installation fails. 


If the time source server is NetWare 5.0 or earlier, you must specify an alternate NTP time 
source, or the time synchronization request fails. 


68 OES 2 SP2: Installation Guide 


2 If you want to use the server’s hardware clock, select Use Local Clock. 


For servers joining a tree, the installation does not let you proceed if you select this option. You 
must specify the same external NTP time source that the tree is using, or specify the IP address 
of a configured time source in the tree. A time source in the tree should be running time 
services for 15 minutes or more before connecting to it, or the time synchronization request for 
the installation fails. 


3 Continue with “Specifying SLP Configuration Options” on page 69. 


For information on this important topic, see Implementing Time Synchronization in the OES 2 SP2: 
Planning and Implementation Guide. 


Specifying SLP Configuration Options 


1 On the eDirectory Configuration - NTP & SLP page, specify the SLP options as desired. 


You have the following options for configuring SLP: 


+ 


Do Not Configure SLP: This option is good for eDirectory trees with three or fewer 
eDirectory servers. 


Without SLP, users can’t see a tree list, but they should still be able to attach to a tree by 
name. Users can configure the Novell Client™ to use DNS, or they can configure the local 
host file (sSystemDrive%\windows\system32\drivers\etc\hosts on WinXP) to 
resolve tree and server names. Users can also specify preferred tree and context 
information in the DHCP Settings page of the Novell Client. 


Use Multicast to Access SLP: This option allows the server to request SLP information 
by using multicast packets. Use this in environments that have not established SLP DAs 
(Directory Agents). 





IMPORTANT: If you select this option, you must disable the firewall for it to work 
correctly. Multicast creates a significant amount of network traffic and can reduce network 
throughput. 





Configure SLP to use an existing Directory Agent: This option configures SLP to use 
an existing Directory Agent (DA) in your network. Use this in environments that have 
established SLP DAs. When selecting this option, you configure the servers to use by 
adding or removing them from the SLP Directory Agent list. 


Configure as Directory Agent: This option configures this server as a Directory Agent 
(DA). This is useful if you plan to have more than three servers in the tree and want to set 
up SLP during the installation. 


Service Location Protocols and Scope: This option configures the scopes that a user 
agent (UA) or service agent (SA) is allowed when making requests or when registering 
services, or specifies the scopes a directory agent (DA) must support. The default value is 
DEFAULT. Use commas to separate each scope. For example, net.slp.useScopes = 
myScopel,myScope2,myScope3. 


Configured SLP Directory Agents: This option lets you manage the list of hostname or 
IP addresses of one or more external servers on which a SLP Directory Agent is running. 


2 Click Next and confirm your selection if necessary, then continue with Selecting the Novell 
Modular Authentication Services (NMAS) Login Method. 
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| Selecting the Novell Modular Authentication Services (NMAS) Login Method 


1 On the Novell Modular Authentication Services page, select all the login methods you want to 
install. 





IMPORTANT: The NMAS™ client software must be installed on each client workstation 
where you want to use the NMAS login methods. The NMAS client software is included with 
the Novell Client software. 





The following methods are available: 


+ CertMutual: The Certificate Mutual login method implements the Simple Authentication 
and Security Layer (SASL) EXTERNAL mechanism, which uses SSL certificates to 
provide client authentication to eDirectory through LDAP. 


+ Challenge Response: The Challenge-Response login method works with the Identity 
Manager password self-service process. This method allows either an administrator or a 
user to define a password challenge question and a response, which are saved in the 
password policy. Then, when users forget their passwords, they can reset their own 
passwords by providing the correct response to the challenge question. 


* DIGEST-MD5: The Digest MDS login method implements the Simple Authentication 
and Security Layer (SASL) DIGEST-MD5 mechanism as a means of authenticating the 
user to eDirectory through LDAP. 


* NDS: The NDS® login method provides secure password challenge-response user 
authentication to eDirectory. This method supports the traditional NDS password when 
the NMAS client is in use and is installed by default. Reinstallation is necessary only if the 
NDS login method object has been removed from the directory. 


* Simple Password: The Simple Password NMAS login method provides password 
authentication to eDirectory. The Simple Password is a more flexible but less secure 
alternative to the NDS password. Simple Passwords are stored in a secret store on the user 
object. 


+ SASL GSSAPI: The SASL GSSAPI login method implements the Generic Security 
Services Application Program Interface (GSSAPI) authentication. It uses the Simple 
Authentication and Security Layer (SASL), which enables users to authenticate to 
eDirectory through LDAP by using a Kerberos ticket. 


For more information about installing and configuring eDirectory, see “Installing or Upgrading 
Novell eDirectory on Linux in Novell eDirectory 8.8 Installation Guide. 


For more information on these login methods, see the online help and “Managing Login and 
Post-Login Methods and Sequences” in the Novell Modular Authentication Services 3.3.1 
Administration Guide. 


2 Click Next, then continue with “Configuring Novell Open Enterprise Server Services” on 
page 70. 


Configuring Novell Open Enterprise Server Services 


1 After you complete the LDAP configuration or the eDirectory configuration, the Novell Open 
Enterprise Server Configuration summary page is displayed, showing all the OES components 
you installed and their configuration settings. Review the setting for each component and click 
the component heading to change any settings. 


When specifying the configuration information for OES services, see the information in 
“Guidelines for Configuring OES 2 SP2 Components” on page 73. 
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2 
3 


4 


5 


When you are satisfied with the settings for each component, click Next. 
When confirming the OES component configurations, you might receive the following error: 


The proposal contains an error that must be resolved before continuing. 





If this error is displayed, check the summary list of configured products for a message 
immediately below each product heading that indicates the product or service needs to be 
configured. If you are running the YaST graphical interface, the text appears red. If you are 
installing using the YaST text-base interface, it is not red. 


For example, if you have selected Linux User Management in connection with other OES 
products or services, you might see a message similar to the following: 


Linux User Management needs to be configured before you can continue or 
disable the configuration. 


If you see a message like this, do the following: 
3a On the summary page, click the heading for the component. 
3b Supply the missing information in each configuration page. 


When specifying the configuration information for OES services, see the information in 
“Guidelines for Configuring OES 2 SP2 Components” on page 73. 


When you have finished the configuration of that component, you are returned to the 
Novell Open Enterprise Server Configuration summary page. 


3c Ifyou want to skip the configuration of a specific component and configure it later, click 
Enabled in the Configuration is enabled status to change the status to Configuration is 
disabled. 


If you change the status to Configuration is disabled, you will configure the OES 
components after the installation is complete. See “Installing/Configuring OES 2 SP2 on 
an Existing Server” on page 107. 


After resolving all product configuration problems, click Next to proceed with the 
configuration of all components. 


When the configuration has completed, continue with Section 3.4, “Finishing the Installation,” 
on page 71. 


3.4 Finishing the Installation 


The installation concludes with the following steps: 


l. 
Di 
3. 
4. 


User Authentication Method 
Clean Up 
Release Notes 


Hardware Configuration 


After a successful configuration, YaST shows the Installation Completed dialog. In this dialog, do 
the following: 


1 


Optionally, select whether to clone your newly installed system for AutoYaST. To clone your 
system, select Clone This System for AutoYaST. The profile of the current system is stored in / 
root/autoinst.xml. Cloning is selected by default. 
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AutoYaST is a system for automatically installing one or more SUSE Linux Enterprise systems 
without user intervention. AutoYaST installations are performed by using a control file with 
installation and configuration data. For detailed information, see Chapter 8, “Using Auto YaST 
to Install and Configure Multiple OES Servers,” on page 169. 


2 Finish the installation by clicking Finish in the Installation Completed dialog. 


3 After the server reboots, continue with Section 3.5, “Verifying That the Installation Was 
Successful,” on page 72. 


3.5 Verifying That the Installation Was 
Successful 


One way to verify that your OES server installation was successful and that the components are 
loading properly is to watch the server reboot. As each component is loaded, the boot logger 
provides a status next to it indicating if the component is loading properly. 


You can also quickly verify a successful installation by accessing the server from your Web browser. 


1 Inthe Address field of your Web browser, enter the following URLs: 
http://IP_or_DNS 
where /P_or_DNS is the IP address or DNS name of your OES server. 
You should see a Web page displayed similar to the following: 


Novell Open Enterprise Server 2 Support Pack 2 


Novell Open Enterprise Server provides secure, reliable and highly available workgroup services in an open 
environment that's easy to deploy and manage. lt meets the needs of workgroups large and small by 
delivering proven networking, communication and collaboration capabilities. Unlike other server platforms that 
force vendor lock-in or can't meet enterprise needs, Novell Open Enterprise Server delivers advanced 
workgroup services in an open, flexible environment. Novell Open Enterprise Server combines services from 
Novell, the trusted leader for secure networking services, with SUSE Linux Enterprise Server, the leading 
open platform for supporting solutions for your mission-critical needs. (> 


Home 
Management Services 


Client Software 


Novell Customer Center 
Documentation 

Services & Support 
Partners & Communities 
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Virtualize NetWare 


Migrate to Linux 


+ Get Trained 





Consolidate your 
NetWare by running it 
virtualized 


Virtualize NetWare 
Getting Started + 


More about Xen 
virtualization + 


Migrate your NetWare 
services to Linux 


Migrate to Linux: Getting 
Started + 


Need to update your 
skills? Let Novell help 
you stay ahead 


Want to transition your 
NetWare skills to Linux? 
Start here + 


Find Linux counterparts 
for your favorite NetWare 
commands + 





IMPORTANT: If you see the statement “It Works!” instead of the OES Welcome Page, that 
means that the Web and LAMP Server option was selected and installed as a SLES component 
on the server. The default OES behavior can be restored by deleting the /srv/www/htdocs/ 
index.html file from the server. 


You can also view the OES Welcome Page by using http://IP_or_DNS/welcome to access the 


server. 





2 (Optional) If you want to look at the eDirectory tree and begin to see how iManager works, go 
to the OES Information and Management Web page, click Management Tools > iManager, then 
log in as user Admin (the user you created during product installation). 


You can also access iManager by typing the following URL in a browser window and logging 
in as user Admin: 


http://IP_or_DNS_name/nps/iManager.html 
3 Continue with “What's Next” on page 105. 


3.6 Guidelines for Configuring OES 2 SP2 
Components 


Keep the following in mind as you configure the OES 2 SP2 components: 


Table 3-4 Guidelines for Configuring OES Components 


Issue 


Software 
Selections When 
Using Text-Based 
YaST 


Guideline 


Some older machines, such as Dell” 1300, use the text mode install by default when 
the video card does not meet SLES 10 specifications. When you go into the 
Software Selection, and then to the details of the OES software selections, YaST 
doesn't bring up the OES selections like it does when you use the graphical YaST 
(YaST2). 


To view the Software Selection and System Task screen, select Filter > Pattern (or 
press Alt+F > Alt+l). 





Specifying a State 
identifier for a 
Locality Class 
object 


If you to specify a state identifier, for example California, Utah, or Karnataka, as a 
Locality Class object in your eDirectory tree hierarchy, you must make sure to use 
the correct abbreviation in your LDAP (comma-delimited) or NDAP (period- 
delimited) syntax. 


When using LDAP syntax, use “st” to specify a state. For example 
ou=example organization, o=example company, st=utah, c=us 
When using NDAP syntax, use “s” to specify a state. For example 


ou=example organization.o=example company.s=utah.c=us 





Specifying Typeful 
Admin Names 


When installing OES, you must specify a fully distinguished admin name by using 
the typeful, LDAP syntax that includes object type abbreviations (cn=, ou=, o=, 
etc.). For example, you might specify the following: 


cn=admin, ou=example organization, o=example company 
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Issue Guideline 


Using Dot- For all parameters requiring full contexts, you can separate the names by using 
Delimited or comma-delimited syntax; you must be consistent in your usage within the field. 
Comma-Delimited 

Input for All The OES installation routine displays all input in the comma-delimited (LDAP) 


Products format. However, it converts the name separators to dots when this is required by 
individual product components. 





IMPORTANT: After the OES components are installed, be sure to follow the 
conventions specified in the documentation for each product. Some contexts must 
be specified using periods (.) and others using commas (,). However, eDirectory 
supports names like cn=juan\.garcia.ou=users.o=novell. The period (.) inside a 
name component must be escaped. 


When using NDAP format (dot), you must escape all embedded dots. For 
example:cn=admin.o=novell\.provo 


When using LDAP format (commas), you must escape all embedded commas. For 
example:cn=admin, o=novell\,provo 





The installation disallows a backslash and period (\.) in the CN portion of the admin 
name. 


For example, these names are supported: 


cn=admin.o=novell 
cn=admin.o=novell\.provo 
cn=admin.ou=deployment\.linux.o=novell\.provo 


These names are not supported: 


cn=admin\.first.o=novell 
cn=admin\.root.o=novell 


Before LUM-enabling users whose cn contains a period (.), you must remove the 
backslash (\) from the unique_id field of the User object container. 


For example, cn=juan.garcia has a unique_id attribute = juan\.garcia. Before such a 
user can be LUM-enabled, the backslash (\) must be removed from the unique_id 
attribute. 


Each OES component and the configurable fields associated with it are listed in the following 
sections. These components also include the default or previously entered values, where applicable. 
Some components might require some additional configuration as part of the OES installation; this 
information is also included in the tables. 


The following sections list the specific configuration information required for each component: 


¢ Section 3.6.1, “LDAP Configuration for Open Enterprise Services,” on page 75 

* Section 3.6.2, “Novell AFP Services,” on page 76 

* Section 3.6.3, “Novell Archive and Version Services,” on page 77 

¢ Section 3.6.4, “Novell Backup/Storage Management Services (SMS),” on page 78 
* Section 3.6.5, “Novell CIFS for Linux,” on page 78 

* Section 3.6.6, “Novell Cluster Services,” on page 80 

* Section 3.6.7, “Novell DHCP Services,” on page 82 
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¢ Section 3.6.8, “Novell DNS Services,” on page 84 

* Section 3.6.9, “Novell Domain Services for Windows,” on page 86 
* Section 3.6.10, “Novell eDirectory Services,” on page 86 

* Section 3.6.11, “Novell FTP Services,” on page 91 

* Section 3.6.12, “Novell iFolder,” on page 92 

* Section 3.6.13, “Novell iManager,” on page 98 

* Section 3.6.14, “Novell iPrint,” on page 98 

¢ Section 3.6.15, “Novell Linux User Management,” on page 99 

¢ Section 3.6.16, “Novell NCP Server / Dynamic Storage Technology,” on page 101 
* Section 3.6.17, “Novell NetStorage,” on page 102 

* Section 3.6.18, “Novell Pre-Migration Server,” on page 102 

* Section 3.6.19, “Novell QuickFinder,” on page 103 

* Section 3.6.20, “Novell Remote Manager,” on page 103 

* Section 3.6.21, “Novell Samba,” on page 104 

* Section 3.6.22, “Novell Storage Services (NSS),” on page 105 








3.6.1 LDAP Configuration for Open Enterprise Services 


Table 3-5 LDAP Configuration for Open Enterprise Services Values 


Default or Previously Entered 


Page Parameter Values 


Configured LDAP Servers 


* eDirectory Tree Name: Specify the new eDirectory tree 
name (default) or the name of eDirectory tree you are 
installing the server into. 





* Admin Name and Context: Specify the fully distinguished, cn=admin,o=novell 
typeful name of a user with administrative rights in the tree. 
Use LDAP format. 





* Admin Password: Specify a password for the eDirectory 
Admin user. 
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Default or Previously Entered 


Page Parameter Values 


+ Configured LDAP Servers: Specify a list of servers that can LDAP port: 389 


be used to configure other OES services on this server. 
Secure LDAP port: 636 


Each added server must have either the master or a read/ 
write replica of the eDirectory tree. The first server added to 
the list becomes the default server for the installed and 
configured OES services to use. 


Server Type: local 


For each server you must specify an IP Address, LDAP Port, 
Secure LDAP Port, and Server Type 


<Defect 332088 requests information on configuring multiple 
LDAP servers for LUM, a primary and alternates. This is being 


added to the LUM documentation and should be linked here 
for those who are installing LUM.> 


3.6.2 Novell AFP Services 


Table 3-6 Novell Apple Filing Protocol Parameters and Values 


Default or Previously Entered 


Page Parameter Values 


AFP Configuration - Mac Client Access to NSS Volumes 





+ eDirectory Server Address or Host Namer: The IP address 
shown is the default LDAP server for this service. If you do 
not want to use the default, select a different LDAP server in 
the list. 


If you are installing into an existing tree, ensure that the 
server you select has a master replica or read/write replica of 
eDirectory. If you need to add another LDAP server to the list, 
add it using the LDAP Configuration for Open Enterprise 
Services dialog. 
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Default or Previously Entered 


Page Parameter Values 


* AFP Proxy User 


* Use existing user as AFP Proxy User: Select this 
option to use an existing proxy user for the AFP service. 


* Create a new AFP Proxy User: Select this option to 
create a new proxy user for the AFP service. 


+ AFP Proxy User Name: Specify the FQDN (fully 
qualified distinguished name) of the AFP proxy user. 


For example: cn=user, o=novell 





NOTE: This user is granted rights to read the passwords 
of any users, including non-AFP users, that are 
governed by any of the password policies you select in 
the Novell AFP Service Configuration page. 





* AFP Proxy User Password: Specify a password for the 
AFP proxy user to use for authenticating to the AFP 
server, and if specifying an existing proxy user, verify the 
password. 


For more information on proxy user and password 
management, see “Planning Your Proxy Users” in the 
OES 2 SP2: Planning and Implementation Guide. 


Novell AFP Service Configuration 
* Select the Password Policies Assigned to AFP Users: 


The specified AFP Proxy User is granted rights to read the 
passwords of all users assigned to the password policies you 
select. 


If you are installing in a new tree, the list is blank. The install 
will create a policy named AFP Default Policy for you. 


For more information about proxy users and password 
policies, see “System User and Group Management in OES 2 
SP2” and “Coordinating Password Policies Among Multiple 
File Services” in the OES 2 SP2: Planning and 
Implementation Guide. 


For additional configuration instructions, see “Installing and Setting Up AFP” in the OES 2 SP2: 
Novell AFP For Linux Administration Guide 


3.6.3 Novell Archive and Version Services 


Table 3-7 Novell Archive and Version Services Parameters and Values 


Default or Previously Entered 


Page Parameter Values 


Archive and Version Services Configuration 
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Default or Previously Entered 


Page Parameter Values 


* Database Port Number: Specify a port number to use forthe 5432 
archive database communications. 





* Database Username: Specify a username for the arkuser 
administrator of the archive database (the PostgreSQL 
database for the archived data). 





IMPORTANT: The Postgres user must be an unprivileged 
user, not the root user. 








* Database Password: Specify and validate a password forthe The default is the password 
database user. for the eDirectory Admin 
user. 


For additional configuration instructions, see “Setting Up Archive and Version Services ” in the OES 
2 SP1: Novell Archive and Version Services 2.1 for Linux Administration Guide. 


3.6.4 Novell Backup/Storage Management Services (SMS) 


Table 3-8 Novell Backup / Storage Management Services Parameters and Values 


Page Parameter Default or Previously Entered 


Values 
SMS Configuration 
* Directory Server Address: If you do not want to use the The default is the first server 
default shown, select a different LDAP server in the list. selected in the LDAP 


Configuration list of servers. 
If you are installing into an existing tree, ensure that the server 


you select has a master replica or read/write replica of 
eDirectory. If you need to add another LDAP server to the list, 
add it by using the LDAP Configuration for Open Enterprise 
Services dialog. 


For additional configuration instructions, see “Installing and Configuring SMS” in the /nstalling and 
Configuring SMS. 


3.6.5 Novell CIFS for Linux 


Table 3-9 Novell CIFS Parameters and Values 


Default or Previously Entered 


Page Parameter Values 


Novell CIFS Service Configuration 





+ eDirectory server address or host name: Leave the 
default or select from the drop-down list to change to a 
different server. 
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Page 


Parameter 


* Use secure channel for configuration: Leave this option 


as is (preferred), or deselect if desired. 


Default or Previously Entered 


Values 


Selected 





LDAP port for CIFS Server: Do not change the default port 
value during a new tree installation. 


NOTE: If the OES 2 server is attached to an existing tree, you 


can change this to another LDAP port. 





636 





Local NCP Server context: Displays the NCP™ Server 
context. 





+ CIFS Proxy User 


* Use existing user as CIFS Proxy User: Select this 
option to use an existing proxy user for the CIFS 
service. 


* Create a new CIFS Proxy User: Select this option to 
create a new proxy user for the CIFS service. 


+ CIFS Proxy User Name: Specify the FQDN (fully 
qualified distinguished name) of the CIFS proxy user. 


For example: cn=user, o=novell 


NOTE: This user is granted rights to read the 
passwords of any users, including non-CIFS users, that 
are governed by any of the password policies you select 
in the Novell CIFS Service Configuration page. 





+ CIFS Proxy User Password: Specify a password for 
the CIFS proxy user to use when authenticating to the 
CIFS server, and if specifying an existing proxy user, 
verify the password. 


For more information on proxy user and password 
management, see “Planning Your Proxy Users” in the 
OES 2 SP2: Planning and Implementation Guide. 





+ Credential Storage Location: Accept the default (CASA) or 


specify the Local File option. 


The CIFS proxy user password is encrypted and encoded in 
the credential storage location. 


CASA 





Novell CIFS Service Configuration (2) 





+ eDirectory Contexts: Provide a list of contexts that are 


searched when the CIFS User enters a username. The 
server searches through each context in the list until it finds 
the correct user object. 





Novell CIFS Service Configuration (3) 
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Page Parameter 


* Select the Password Policies Assigned to CIFS Users: 


The specified CIFS Proxy User is granted rights to read the 
passwords of all users assigned to the password policies you 
select. 


If you are installing in a new tree, the list is blank. The install 
will create a policy named CIFS Default Policy for you. 


For more information about proxy users and password 
policies, see “System User and Group Management in OES 2 
SP2” and “Coordinating Password Policies Among Multiple 
File Services” in the OES 2 SP2: Planning and 
Implementation Guide. 


Default or Previously Entered 
Values 


For additional configuration instructions, see “Installing and Setting Up CIFS” in the OES 2 SP2: 
Novell CIFS for Linux Administration Guide OES 2 SP2: Novell AFP For Linux Administration 


Guide 


3.6.6 Novell Cluster Services 


Table 3-10 Novell Cluster Services Parameters and Values 


Page Parameter 


Novell Cluster Services (NCS) Configuration 


Default or Previously Entered 
Values 





+ New or Existing Cluster: Specify whether the server is part 
of a new cluster or is joining an existing cluster. 


New Cluster 





* Directory Server Address: The IP address shown is the 
default LDAP server for this service. If you do not want to use 
the default, select a different LDAP server in the list. 


If you are installing into an existing tree, ensure that the 
server you select has a master replica or read/write replica of 
eDirectory. If you need to add another LDAP server to the list, 
add it by using the LDAP Configuration for Open Enterprise 
Services dialog. 
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The default is the first server 
selected in the LDAP 
Configuration list of servers. 


Default or Previously Entered 


Page Parameter Values 


* Cluster FDN: Specify the fully distinguished name (FDN) of 
the cluster. Use the comma format illustrated in the example. 
Do not use dots. 


If you are creating a new cluster, this is the name you will give 
the new cluster and the eDirectory context where the new 
cluster object will reside. You must specify an existing context. 
Specifying a new context does not create a new context. 


If you are adding a server to an existing cluster, this is the 
name and eDirectory context of the cluster that you are 
adding this server to. 


Cluster names must be unique. You cannot create two 
clusters with the same name in the same eDirectory tree. 
Cluster names are case sensitive on Linux. 





* Cluster IP Address: If you are creating a new cluster, specify 
a unique IP address for the cluster. 


The cluster IP address is separate from the server IP address 
and is required to be on the same IP subnet as the other 
servers in the cluster. 


* Storage Device With Shared Media: If you are creating a none 
new cluster, select the device where the Split Brain Detector 
(SBD) partition will be created. 


If you have a shared disk system attached to your cluster 
servers, Novell Cluster Services will create a small cluster 
partition on that shared disk system. This small cluster 
partition is referred to as the Split Brain Detector (SBD) 
partition. Specify the drive or device where you want the small 
cluster partition created. 


You must have at least 20 MB of free space on one of the 
shared disk drives to create the cluster partition. If no free 
space is available, the shared disk drives cannot be used by 
Novell Cluster Services. 


If you do not have a shared disk system connected to your 
cluster servers, accept the default (none). You must create 
the SBD manually before adding a second server to the 
cluster. 





* Optional Device for Mirrored Partitions: If you want to 
mirror the SBD partition for greater fault tolerance, select the 
device where you want to mirror to. 


You can also mirror SBD partitions after installing Novell 
Cluster Services. 





Novell Cluster Services (NCS) Configuration (2) 


* IP Address of this Node: This field contains the IP address 
of this node. If this server has multiple IP addresses, you can 
change the default address to another value if desired. 
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Default or Previously Entered 


Page Parameter Values 


* Start Cluster Services Now: Select this box if you want Selected 
clustering to start now. If you want clustering to start after 
rebooting, or if you want to manually start it later, deselect this 
box. 


This option applies only to installing Novell Cluster Services 
after the OES installation because it starts automatically when 
the server initializes during the installation. 


If you choose to not start Novell Cluster Services software, 
you need to either manually start it after the installation, or 
reboot the cluster server to automatically start it. 


You can manually start Novell Cluster Services by going to 
the /etc/init.d directory and entering ./novell-ncs 
start atthe server console of the cluster server. 


For additional instructions, see the OES 2 SP2: Novell Cluster Services 1.8.7 for Linux 
Administration Guide. 


3.6.7 Novell DHCP Services 


Table 3-11 Novell DHCP Services Parameters and Values 


Default or Previously Entered 


Page Parameter Values 


Novell DHCP Services Configuration 





* DHCP Server Context: Specify a context for the DHCP o=example 
Server object. 


* DHCP Server Object Name: Specify the name of the Server DHCP_example_server 
object that these DHCP services will be running on. 


This is the DHCP server object that contains a list of DHCP 
Services (configuration) served by the DHCP Server. 


* Common DHCP Configuration Object Contexts o=example 


* DHCP Locator Object: Specify the context for the 
DHCP Locator object. 


The DHCP Locator object has references to dhcpServer 
and dhcpService objects. 


* Group Context: Specify the context for the DHCP 
Group object. 


This object is used to grant the necessary rights to the 
eDirectory user used by the DHCP server to access the 
DHCP objects. 





* Log File Location: Specify the path and filename for the It is usually in the /var/ 
DHCP Services log file. You can type the path manually or log/ directory. 
click Browse to locate the log. 
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Page Parameter 


+ 


LDAP Method 


* Static: Select this option if you do not want the DHCP 
server to query the LDAP server for host details. 


+ Dynamic: Select this option if you want the DHCP 
server to query the LDAP server on every request for 
host details. 


Selecting the dynamic LDAP method ensures that the 
responses you receive to queries are accurate, but the 
server takes a longer time to respond. 


Default or Previously Entered 
Values 


Static 





+ 


Referrals 


A referral is a message that the LDAP server sends to the 
LDAP client informing it that the server cannot provide 
complete results and that more data might be on another 
LDAP server. 


+ Chase Referral: Select this option if you want the DHCP 
server to follow referrals. 


* Do Not Chase Referral: Select this option to ignore 
LDAP referrals. 





Novell DHCP LDAP and Secure Channel Configuration 





+ 


eDirectory Server Address or Host Name: The IP address 
shown is the default LDAP server for this service. If you do not 
want to use the default, select a different LDAP server in the 

list. 


If you are installing into an existing tree, ensure that the server 
you select has a master replica or read/write replica of 
eDirectory. If you need to add another LDAP server to the list, 
add it by using the LDAP Configuration for Open Enterprise 
Services dialog. 


Use Secure Channel for Configuration: This option is 
selected by default. When you are configuring DHCP 
services, it ensures that all configuration is transferred over a 
secure channel. 


Deselecting this option lets a user with fewer privileges 
configure LDAP services. 


The default is the first server 
selected in the LDAP 
Configuration list of servers. 


Selected 





LDAP User Name with Context: Specify a typeful, 
distinguished name and context for an LDAP user. 


This user should be an eDirectory user that can access the 
DHOP server. 


cn=joe,o=example 





LDAP User Password: Type a password for the LDAP user. 





LDAP Port for DHCP Server: Select a port for the LDAP 
operations to use. 


636 
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Page Parameter Default or Previously Entered 
Values 
* Use Secure LDAP Channel: This option is selected by Selected 
default to ensure that the data transferred between the DHCP 
server and the LDAP server is secure and private. If you 
deselect this option, the data transferred is in clear text 
format. 





* Certificates (optional) 


* Request Certificate: Specifies what checks to perform 
on server certificate in a SSL/TLS session. Select one of 
the following options: 


* Never. The server does not ask the client for a 
certificate. This is the default 


* Allow: The server requests a client certificate, but if 
a certificate is not provided or a wrong certificate is 
provided, the session still proceeds normally. 


+ Try: The server requests the certificate. If none is 
provided, the session proceeds normally. If a 
certificate is provided and it cannot be verified, the 
session is immediately terminated 


* Hard: The server requests a certificate. A valid 
certificate must be provided, or the session is 
immediately terminated. 


* Paths to Certificate Files: Specify or browse the path 
for the certificate files. 


+ The LDAP CA file contains CA Certificates 


* The LDAP client certificate contains the client 
certificate. 


* The LDAP client key file contains the key file for the 
client certificate. 





Novell DHCP Services Interface Selection 





* Network Boards for the Novell DHCP Server: From the 
available interfaces, select the network interfaces that the 
Novell DHCP server should listen to. 


For additional configuration instructions, see “Installing and Configuring DHCP ” in the OES 2 
SP2: Novell DNS/DHCP Administration Guide for Linux. 


3.6.8 Novell DNS Services 


Table 3-12 Novell DNS Services Parameters and Values 


Default or Previously Entered 


Page Parameter Values 


Novell DNS Configuration 
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Page 


Parameter 


* Common DNS configuration Object and User Contexts 


* Get Context and Proxy User Information from 
Existing DNS Server: Select this option if you are 
configuring DNS in an existing tree where DNS is 
already configured, and you want to use the existing 
Locator, Root Server Info, Group and Proxy User 
contexts. 


* Existing Novell DNS Server Address: Type the IP 
of an NCP server that is hosting the existing DNS 
server and click Retrieve. 


This will fetch the contexts of the Locator, Root Server 
Info, Group and Proxy User contexts. Make sure the 
NCP server hosting the existing DNS server is running 
before clicking Retrieve. 


If you do not wish to use existing contexts, you can 
change those manually. 


* Directory server address: Accept the default or 
select a different LDAP server in the list. 


If you are installing into an existing tree, ensure that 
the server you select has a master replica or read/ 
write replica of eDirectory. If you need to add another 
LDAP server to the list, add it by using the LDAP 
Configuration for Open Enterprise Services dialog. 


* Novell DNS Services Locator Object Context: 
Specify the context for the DNS Locator object. 


The Locator object contains global defaults, DHCP 
options, and a list of all DNS and DHCP servers, 
subnets, and zones in the tree. 


* Novell DNS Services Root Server Info Context: 
Specify the context for the DNS Services root server. 


The RootSrvrInfo Zone is an eDirectory container 
object that contains resource records for the DNS root 
servers. 


* Novell DNS Services Group Object Context: 
Specify the context for the DNS Group object. 


This object is used to grant DNS servers the 
necessary rights to other data within the eDirectory 
tree. 


* Proxy User for DNS Management: Specify the FDN 
of the DNS proxy user. 


An existing user must have eDirectory read, write, and 
browse rights under the specified context. If the user 
doesn't exist, itis created in the context specified. 


+ Specify Password for eDirectory User: Type the 
password for the DNS proxy user. 


For more information on proxy user and password 
management, see “Planning Your Proxy Users” in the 
OES 2 SP2: Planning and Implementation Guide. 


Default or Previously Entered 
Values 


The default is the first server 
selected in the LDAP 
Configuration list of servers. 
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Default or Previously Entered 

Page Parameter Values 

+ Local NCP Server Context: Specify a context for the local o=example 
NCP Server object. 





+ Use Secure LDAP Port: This option is selected by default Selected 
to ensure that the data transferred by this service is secure 
and private. If you deselect this option, the transferred data 
is in clear text format. 





+ Credential Storage Location: Specify where the DNS CASA 
proxy user’s credentials are to be stored. 


For security reasons, the default and recommended 
method of credential storage is CASA. 


For additional configuration instructions, see “Installing and Configuring DNS ” in the OES 2 SP2: 
Novell DNS/DHCP Administration Guide for Linux. 


3.6.9 Novell Domain Services for Windows 


There are multiple configuration scenarios, depending on your deployment. For information, see 
“Installing Domain Services for Windows” in the OES 2 SP2: Domain Services for Windows 
Administration Guide. 


3.6.10 Novell eDirectory Services 


Table 3-13 Novell eDirectory Parameters and Values 


Default or Previously Entered 


Page Parameter Values 


eDirectory Configuration - New or Existing Tree 





+ New or Existing Tree Selected 
+ New Tree: Creates a new tree. 


Use this option if this is the first server to go into the tree 
or if this server requires a separate tree. Keep in mind 
that this server will have the master replica for the new 
tree, and that users must log into this new tree to access 
its resources. 


+ Existing Tree: Incorporates this server into an existing 
eDirectory tree. 


This server might not have a replica copied to it, 
depending on the tree configuration. For details, see the 
“Guidelines for Replicating Your Tree” in the Novell 
eDirectory 8.8 Administration Guide. 
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Page Parameter 


+ eDirectory Tree Name: Specify a unique name for the 
eDirectory tree you want to create or the name of the tree you 
want to install this server into. 


* Use eDirectory Certificates for HTTPS Services: 


Selecting this option causes eDirectory to automatically 
back up the currently installed certificate and key files 
and replace them with files created by the eDirectory 
Organizational CA (or Tree CA). 


Most OES services that provide HTTPS connectivity are 
configured by default to use the self-signed common 
server certificate created by YaST. Self-signed 
certificates provide minimal security and limited trust, so 
you should consider using eDirectory certificates 
instead. 


For all server installations, this option is enabled by 
default and is recommended for the increased security it 
provides. 


To prevent third-pary CA certificates from being 
accidentally backed up and overwritten, deselect this 
option. 


For more information on certificate management and 
this option, see “Security” in the OES 2 SP2: Planning 
and Implementation Guide. 


* Require TLS for Simple Binds with Password: 


Select this option to make connections encrypted in the 
Session layer. 


* Install SecretStore: Select this option to install 
SecretStore(SS), an eDirectory based security product. 


Default or Previously Entered 
Values 





eDirectory Configuration - New/Existing Tree Information 





+ IP Address of an Existing eDirectory Server with a 
Replica: Type the IP address of a server with an eDirectory 
replica. 


This option only appears if you are joining an existing tree. 





* NCP Port on the Existing Server: Type the NCP port used 
by the eDirectory server you specified. 


This option only appears if you are joining an existing tree. 


524 





* LDAP and Secure LDAP Ports on the Existing Server: 


Type the LDAP ports used by the eDirectory server you 
specified. 


This option only appears if you are joining an existing tree. 


389 
636 





* FDN Admin Name with Context: Specify the name of the 
administrative user for the new tree. 


This is the fully distinguished name of a User object that will 
be created with full administrative rights in the new directory. 


cn=admin,o=example 
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Page Parameter 


Admin Password: Specify the eDirectory administrator's 
password. 


This is the password of the user specified in the prior field. 


Default or Previously Entered 
Values 





Verify Admin Password: Retype the password to verify it. 


This option only appears if creating a new tree. 





eDirectory Configuration - Local Server Configuration 





+ 


Enter Server Context: Specify the location of the new server 
object in the eDirectory tree. 





Enter Directory Information Base (DIB) Location: Specify 
a location for the eDirectory database. 


The default path is /var/opt/novell/eDirectory/ 
data/dib, but you can use this option to change the location 
if you expect the number of objects in your tree to be large 
and the current file system does not have sufficient space. 


/var/opt/novell/ 
eDirectory/data/dib 





Enter LDAP Port: Specify the LDAP port number this server 
will use to service LDAP requests. 


389 





Enter Secure LDAP Port: Specify secure LDAP port number 
this server will use to service LDAP requests. 


636 





Enter iMonitor Port: Specify the port this server will use to 
provide access to the iMonitor application. 


iMonitor lets you monitor and diagnose all servers in your 
eDirectory tree from any location on your network where a 
Web browser is available. 


8028 





Enter Secure iMonitor Port: Specify the secure port this 
server will use to provide access to the iMonitor application. 


8030 





eDirectory Configuration - NTP and SLP 
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Page Parameter et or Previously Entered 
* Network Time Protocol (NTP) Server: Specify the IP 
address or DNS hostname of an NTP server. 


* For the first server in a tree, we recommend specifying a 
reliable, external time source. 


* For servers joining a tree, specify the same external 
NTP time source that the tree is using, or specify the IP 
address of a configured time source in the tree. A time 
source in the tree should be running time services for 15 
minutes or more before connecting to it, or the time 
synchronization request for the installation fails. 


If the time source server is NetWare 5.0 or earlier, you 
must specify an alternate NTP time source, or the time 
synchronization request fails. For more information, see 
“Time Services” in the OES 2 SP2: Planning and 
Implementation Guide. 


* Use Local Clock: Alternatively, you can select Use Local 
Clock thus designating the server’s hardware clock as the 
time source for your eDirectory tree. 


This is not recommended if there is a reliable external time 
source available. 
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Default or Previously Entered 


Page Parameter Values 


* (SLP Options) 


* Do Not Configure SLP: This option is good for 
eDirectory trees with three or fewer eDirectory servers. 


Without SLP, users can’t see a tree list, but they should 
still be able to attach to a tree by name. Users can 
configure the Novell Client" to use DNS, or they can 
configure the local host file 
(sSystemDrive%\windows\system32\drivers\e 
tc\hosts on WinXP) to resolve tree and server 
names. Users can also specify preferred tree and 
context information in the DHCP Settings page of the 
Novell Client. 





IMPORTANT: If the tree where you are installing this 
server has or will have more than three servers, you 
must configure SLP. 





* Use Multicast to Access SLP: This option allows the 
server to request SLP information by using multicast 
packets. Use this in environments that have not 
established SLP DAs (Directory Agents). 





IMPORTANT: If you select this option, you must disable 
the firewall for it to work correctly. Multicast creates a 
significant amount of network traffic and can reduce 
network throughput. 





+ Configure as Directory Agent: This option configures 
this server as a Directory Agent (DA). This is useful if 
you plan to have more than three servers in the tree and 
want to set up SLP during the installation. 


* Configure SLP to use an existing Directory Agent: 


This option configures SLP to use an existing Directory 
Agent (DA) in your network. Use this in environments 
that have established SLP DAs. When selecting this 
option, you configure the servers to use by adding or 
removing them from the SLP Directory Agent list. 


* Service Location Protocols and Scope: This option Default 
configures the scopes that a user agent (UA) or service agent 
(SA) is allowed when making requests or when registering : 
services, or specifies the scopes a directory agent (DA) must When selecting the Use 
support. The default value is DEFAULT. Use commas to Multicast to Access SLP or 
separate each scope. For example, net.slp.useScopes = Configure SLP to Use an 


myScope1,myScope2,myScope3. Existing Directory Agent 
option is selected. 


This information is required 





+ Configured SLP Directory Agents: This option lets you Enabled only when 
manage the list of hostname or IP addresses of one or more configuring SLP to use an 
external servers on which a SLP Directory Agent is running. existing Directory Agent. 





Novell Modular Authentication Services 
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IMPORTANT: NMAS™ client software (included with Novell 
Client™ software) must be installed on each client workstation 
where you want to use the NMAS login methods. 





+ CertMutual: The Certificate Mutual login method implements 
the Simple Authentication and Security Layer (SASL) 
EXTERNAL mechanism, which uses SSL certificates to 
provide client authentication to eDirectory through LDAP. 


* Challenge Response: The Challenge-Response login 
method works with the Identity Manager password self- 
service process. This method allows either an administrator 
or a user to define a password challenge question and a 
response, which are saved in the password policy. Then, 
when users forget their passwords, they can reset their own 
passwords by providing the correct response to the challenge 
question. 


+ DIGEST-MD5: The Digest MD5 login method implements the 
Simple Authentication and Security Layer (SASL) DIGEST- 
MD5 mechanism as a means of authenticating the user to 
eDirectory through LDAP. 


* NDS: The NDS login method provides secure password 
challenge-response user authentication to eDirectory. This 
method supports the traditional NDS password when the 
NMAS client is in use. Reinstallation is necessary only if the 
NDS login method object has been removed from the 
directory. 


* Simple Password: The Simple Password NMAS login 
method provides password authentication to eDirectory. The 
Simple Password is a more flexible but less secure 
alternative to the NDS password. Simple Passwords are 
stored in a secret store on the user object. 


* SASL GSSAPI The SASL GSSAPI login method implements 
the Generic Security Services Application Program Interface 
(GSSAPI) authentication by using the Simple Authentication 
and Security Layer (SASL) that enables users to authenticate 
to eDirectory through LDAP by using a Kerberos" ticket. 


If you want to install all of the login methods into eDirectory, click 
Select All. 


If you want to clear all selections, click Deselect All. 


For more information on these login methods, see “Managing 
Login and Post-Login Methods and Sequences” in the Novell 
Modular Authentication Services 3.3.1 Administration Guide. 


Default or Previously Entered 
Values 


Challenge Response and 
NDS selected 


For additional configuration instructions, see “Installing or Upgrading Novell eDirectory on Linux” 


in the Novell eDirectory 8.8 Installation Guide. 


3.6.11 Novell FTP Services 


No additional configuration is required. 
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3.6.12 Novell iFolder 


When you configure iFolder as part of the OES install and configuration, you can specify only an 
EXT3 or ReiserFS volume location for the System Store Path, which is where you are storing 
iFolder data for all your users. You cannot create NSS volumes during the system install. 


If you want to use an NSS volume to store iFolder data, you must reconfigure iFolder after the initial 
OES installation. To reconfigure, use Novell iManager to create an NSS volume, then go to YaST > 
Open Enterprise Server > Install and Configure Open Enterprise Services and select iFolder 3.6 to 
enter new information. All previous configuration information is removed and replaced. 


Table 3-14 Novell iFolder 3.6 Parameters and Values 


Default or Previously 


Page Parameter Entered Values 


Novell iFolder System Configuration Options 





+ iFolder Component to Be Configured All three options are 


+ iFolder Server: This option lets you configure the selected 


settings for the iFolder server that is the central 
repository for storing user iFolders and synchronizing 
files for enterprise users. 


+ iFolder Web Admin: This option lets you create and 
configure settings for the administrator user. 


The iFolder Admin user is the primary administrator 
of the iFolder Enterprise Server. The Web Admin 
server does not need to be configured on the iFolder 
Enterprise Server. Devoting a separate server to the 
Web Admin application improves the performance of 
the iFolder Enterprise Server by reducing the admin 
traffic. 


+ iFolder Web Access: This option lets you configure 
the Web Access server, which is an interface that lets 
users have remote access to iFolders on the 
enterprise server. 


The Web Access server lets users perform all the 
operations equivalent to those of the iFolder client 
through using a standard Web browser. 


The Web Access server does not need to be 
configured in the same iFolder Enterprise Server. 
Directing the user tasks to a separate server and 
thereby reducing the HTTP requests helps to 
improve the performance of the iFolder Enterprise 
Server. 





Novell iFolder System Configuration 





* Name Used to Identify the iFolder System to Users: iFolder 


Specify a unique name to identify your iFolder Enterprise 
Server. 
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* System Description (optional): Specify a descriptive 
label for your iFolder Enterprise Server to identify it to the 
users. 


Default or Previously 
Entered Values 


iFolder Enterprise System 





* Path to Server's Data Files: Specify the case-sensitive 
address of the location where the iFolder Enterprise 
Server stores iFolder application files as well as the user 
iFolders and files. 





IMPORTANT: This location cannot be modified after 
install. 





/var/simias/data/ 





+ Path to the Default Configuration Files: Specify the 
case-sensitive address of the location where the iFolder 
Enterprise Server stores iFolder configuration files. 





IMPORTANT: This location cannot be modified after 


install, and it can be the same location as that of the server 


data files. 





/var/simias/conf 





* Path to the Recovery Agent Certificates (optional): 


Specify the path to the recovery agent certificates that are 


used for recovering the encryption key. 





Novell iFolder System Configuration (2) 





* Name of iFolder Server: Specify a unique name to 
identify your iFolder Enterprise Server. For example: 
Host1. 


server_name 





* iFolder Public URL: Specify the public URL for users to 
reach the iFolder Enterprise Server. 


local ip address 





* iFolder Private URL: Specify the private URL 
corresponding to the iFolder Enterprise Server to allow 
communication between the servers within the iFolder 
domain. The private URL and the public URL can be the 
same. 


local ip address 
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Default or Previously 


Page Parameter Entered Values 


* Select SSL Option for iFolder: Select the SSL option 
you want to set up a secure connection between the 
iFolder server and the iFolder clients. 


There are three options for the channel for data transfer: 
SSL, Non SSL, and Both. However, authentication is 
always over SSL (not optional). 


* Both: (default) This option lets you select secure or 
non secure channel for communication among the 
iFolder server, Web Admin server, Web Access 
server and the clients. 


* Non SSL: Select this option to enable unsecured 
communication between the iFolder server, Web 
Admin server, Web Access server and the clients. 
The iFolder uses the HTTP channel for 
communication. 


* SSL: Select this option to enable a secure 
connection among the iFolder server, iFolder Web 
Admin server, iFolder Web Access server, and the 
iFolder clients. The iFolder uses the HTTPS channel 
for communication. 


By default, these components use the HTTPS 
(secure)communication channel. However, all 
components can also be configured to use HTTP. 





* iFolder Port to Listen On: Specify the port for the iFolder 80 
to listen on. 





¢ Install into Existing iFolder Domai:n Select this option not selected 
when you want to attach to an existing iFolder domain. 


If this option is not selected, this server becomes the 
Master iFolder server. 





* Private URL of the Master Server: Specify the private 
URL of the Master iFolder server that holds the master 
iFolder data for synchronization to the current iFolder 
Enterprise Server. 





+ Configure LDAP Groups Plugin: Select this option to 
configure the LDAP Groups plug-in. 


If this option is left unselected, iFolder will not have LDAP 
Group support enabled. 





Novell iFolder LDAP Configuration 
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Page 


Parameter 


* Directory server address: The IP address shown is the 


default LDAP server for this service. If you do not want to 


use the default, select a different LDAP server in the list. 


If you need to add another eDirectory LDAP server to the 


list, use the LDAP Configuration for Open Enterprise 
Services dialog. 


If you are installing into an existing tree, ensure that the 


server you select has a master replica or read/write replica 


of eDirectory. 


If you are installing into an existing tree, you must enter 
the password of an admin user in the tree. 


Default or Previously 
Entered Values 


The default is the first 
server selected in the 
LDAP Configuration list of 
servers. 





* Use Alternate LDAP server: If you need to add another 
LDAP server to the list, select this option and enter the 
following information: 


* Alternate Directory Server Address: Specify the 


host or IP address of the alternate LDAP server that 


iFolder will use. 


* LDAP Port: Specify the LDAP port to use for this 
alternate server. 


* LDAP Secure Port: Specify the LDAP secure port to 


use for this alternate server. 


* Admin Name and Context: Specify the 
administrator name and context for the alternate 
LDAP server. 


* Admin Password: Type the specified 
administrator’s password. 


Novell iFolder System Configuration 





* The iFolder Default Administrator: Specify the 


username for the default iFolder administrative user. Use 


the full distinguished name of the iFolder administrative 
user. 


cn=admin,o=example 





+ iFolder Admin Password: Specify a password for the 
iFolder administrative user. 





* Verify iFolder Admin Password: Type the password for 


the iFolder administrative user again. 





the LDAP Proxy user. 


This user must have the Read right to the LDAP service. 
This user is used to provision the users between iFolder 
Enterprise Server and the LDAP server. If it does not 
already exist, this user is created and granted the Read 


right to the root of the tree. The LDAP proxy user's domain 


name (DN) and password are stored by iFolder. 


LDAP Proxy User: Specify the full distinguished name of 


cn=user,o=example 
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Default or Previously 


Page Parameter Entered Values 


* LDAP Proxy User Password: Specify a password for the 
LDAP Proxy user. 


For more information on proxy user and password 
management, see “Planning Your Proxy Users” in the 
OES 2 SP2: Planning and Implementation Guide. 





* Verify LDAP Proxy User Password: Type the password 
for the LDAP Proxy user again. 





* LDAP Search Context: Click Add, then specify an LDAP o=example 
tree context to be searched for users to provision them in 
iFolder. For example, o=acme, o=acme2, or o=acme3 


If no context is specified, only the iFolder administrative 
user is provisioned for services during the install. 





+ LDAP Naming Attribute: Select which LDAP attribute of Common Name (CN) 
the User account to apply when authenticating users. This 
setting cannot be changed after the install. 


Each user enters a username in this specified format at 
login time. Common Name (CN) is the default, and an e- 
mail address (email) is the other option. 


For example, if a user named John Smith has a common 
name of jsmith and e-mail of john.smith@example.com, 
this field determines whether the user enters jsmith or 
john.smith@example.com as the username when logging 
in to the iFolder Enterprise Server. 


+ Require a Secure Connection Between the LDAP Selected 
server and the iFolder Server.: If the LDAP server co- 
exists on the same computer as the iFolder Enterprise 
Server, you can deselect this option, which increases the 
performance of LDAP authentications. 





Novell iFolder Web Access Configuration 





* Apache Alias: Specify the Apache alias to point to the lifolder 
iFolder Web Access Application. This is a user-friendly 
pointer for the Apache service. 





* Host or IP Address of the iFolder Server: Specify the local server 
host or IP address of the iFolder Enterprise Server to be 
used by the iFolder Web Access application. This Web 
Access application performs all the user-specific iFolder 
operations on the host that runs the iFolder Enterprise 
Server. 





* Redirect URL for iChain/Access Gateway (optional): 


Specify the redirect URL for iChain/AccessGateway that 
will be used by the iFolder Web Access application. This 
URL is used for the proper logout of iChain/ 

AccessGateway sessions along with the iFolder session. 
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Default or Previously 


Page Parameter Entered Values 


* Connect to the iFolder Server Using SSL: Select the 
check box to establish a secure connection between the 
iFolder enterprise server and the iFolder Web Admin 
application. 





* iFolder Server Port to Connect on: Specify the port for 
the iFolder server to connect to the Web Acess 
application. Port 443 is the default. Port 80 is the default 
value for non-SSL communication. 





* Require a secure connection between the Web 
browser and the iFolder Web Access application 


Select the check box to establish a secure connection 
between the Web browser and the iFolder Web Access 
application. 


Novell iFolder Web Admin Configuration 





* Apache Alias: Specify an Apache alias to point to the /admin 
iFolder Web Admin application. This is an admin-friendly 
pointer for the Apache service. 





* Host or IP Address of the iFolder Server: Specify the local server 
hostname or IP address of the iFolder Enterprise Server to 
be managed by the iFolder Web Admin application. The 
iFolder Web admin application manages this host. 





* Redirect URL for iChain/Access Gateway (optional): 


Specify the redirect URL for iChain/AccessGateway that 
will be used by the iFolder Web Admin application. This 
URL is used for the proper logout of iChain/ 
AccessGateway sessions along with the iFolder session. 





* Connect to the iFolder Server Using SSL: Select the 
check box to establish a secure connection between the 
iFolder enterprise server and the iFolder Web Admin 
application. 





* iFolder Server Port to Connect on: Specify the port for 
the iFolder server to connect to the Web Admin 
application. Port 443 is the default. Port 80 is the default 
value for non-SSL communication. 





+ Require a secure connection between the Web 
browser and the iFolder Web Access application 


Select the check box to establish a secure connection 
between the Web browser and the iFolder Web Admin 
application. 


For additional configuration instructions, see “Installing and Configuring iFolder Services” in the 
Novell iFolder 3.8 Administration Guide. 
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3.6.13 Novell iManager 
Table 3-15 Novell iManager Parameters and Values 


Default or Previously Entered 


Page Parameter Values 


iManager Configuration 





+ eDirectory Tree: Shows the name of a valid eDirectory tree exampletree 
that you specified when configuring eDirectory. 


To change this configuration, you must change the 
eDirectory configuration. 





* FDN Admin Name with Contextt: Shows the eDirectory cn=admin,o=example 
Admin name and context that you specified when 
configuring eDirectory. This is the user that has full 
administrative rights to perform operations in iManager. 


For additional configuration instructions, see “Installing iManager” in the Novell iManager 2.7 
Installation Guide. 


3.6.14 Novell iPrint 


Table 3-16 Novell iPrint Parameters and Values 


Default or Previously Entered 


Page Parameter Values 


iPrint Configuration 
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* Directory server address: The IP address shown is the 
default LDAP server for this service. If you do not want to 
use the default, select a different LDAP server in the list. 


If you are installing into an existing tree, ensure that the 
server you select has a master replica or read/write replica 
of eDirectory. If you need to add another LDAP server to the 
list, add it by using the LDAP Configuration for Open 
Enterprise Services dialog. 


* Top-Most Container of eDirectory Tree: iPrint uses LDAP 
to verify rights to perform various iPrint operations, including 
authenticating users for printing and performing 
management tasks such as uploading drivers. 


During the installation of the iPrint software, iPrint attempts 
to identify the top-most container of the eDirectory tree and 
sets the base dn to this container for the AuthLDAPURL 
entry in /etc/opt/novell/iprint/httpd/conf/iprint_ssl.conf. 


For most installations, this is adequate because users are 
often distributed across containers. 





IMPORTANT: If you have mutliple peer containers at the top 


of your eDirectory tree, leave this field blank so that the 
LDAP search begins at the root of the tree. 





Default or Previously Entered 
Values 


The default is the first server 
selected in the LDAP 
Configuration list of servers. 


For additional configuration instructions, see “Installing and Setting Up iPrint on Your Server” in 


the OES 2 SP2: iPrint for Linux Administration Guide. 


3.6.15 Novell Linux User Management 


Table 3-17 Novell Linux User Management Parameters and Values 


Page Parameter 


* Directory Server Address: The IP address shown is the 
default LDAP server for this service. If you do not want to 
use the default, select a different LDAP server in the list. 


If you are installing into an existing tree, ensure that the 
server you select has a master replica or read/write replica 


of eDirectory. If you need to add another LDAP server to the 


list, add it by using the LDAP Configuration for Open 
Enterprise Services dialog. 


<Defect 332088 requests information on configuring multiple 
LDAP servers, a primary and alternates. This is being added 


to the LUM documentation and should be linked here when 
completed.> 


Default or Previously Entered 
Values 


The default is the first server 


selected in the LDAP 
Configuration list of servers. 
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Default or Previously Entered 


Page Parameter Values 


+ Unix Config Context: The Unix Config object holds a list of o=example 
the locations (contexts) of Unix Workstation objects in 
eDirectory. It also controls the range of numbers to be 
assigned as UIDs and GIDs when User objects and Group 
objects are created. 


Specify the eDirectory context (existing or created here) 
where the Unix Config object will be created. An LDAP 
search for a LUM User, a LUM Group, or a LUM Workstation 
object begins here, so the context must be at the same level 
or higher than the LUM objects searched for. 


If the Unix Config Object is placed below the location of the 
User objects, the /etc/nam.conf file on the target 
computer must include the support-outside-base- 
context=yes parameter. 


Geographically dispersed networks might require multiple 
Unix Config objects in a single tree, but most networks need 
only one Unix Config object in eDirectory. 





+ Unix Workstation Context: Computers running Linux User o=example 
Management (LUM) are represented by Unix Workstation 
objects in eDirectory. The object holds the set of properties 
and information associated with the target computer, such as 
the target workstation name or a list of eDirectory groups 
that have access to the target workstation. 


Specify the eDirectory context (existing or created here) for 
the Unix Workstation object created by the install for this 
server. The context should be the same as or below the Unix 
Config Context specified above. 





+ Proxy User Name with Context (Optional): Specify a user cn=proxy,o=novell 
(existing or created here) with rights to search the LDAP tree 
for LUM objects. 





* Proxy User Password: Specify a password (existing or 
created here) for the Proxy user. 


For more information on proxy user and password 
management, see “Planning Your Proxy Users” in the OES 2 
SP2: Planning and Implementation Guide. 





* Restrict Access to the Home Directories of Other Users: Selected 


This option is selected by default to restrict read and write 
access for users other than the owner to home directories. 


Using the default selection changes the umask setting in / 
etc/login.defs from 022 to 077. 
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Default or Previously Entered 


Page Parameter Values 





* Services to LUM-enable for authentication via 
eDirectory: Select the services to LUM-enable on this 
server. The services marked yes be available to 
authenticated LUM users. 


IMPORTANT: Before you 
change the PAM-enabled 
service settings, be sure you 
understand the security 

+ login: no implications explained in 
“User Restrictions: Some 


* ftp: no i i. 
OES 2 Linux Limitations” in 

* sshd: no the OES 2 SP2: Planning 
If you want to use the SSH protocol to define a and Implementation Guide. 





NetStorage storage location object, you must select 
SSHD as a LUM-enabled service. 


If do not select SSHD, users cannot to log in to 
NetStorage through SSH to access their files. 


* su: no 

+ rsh: no 

¢ rlogin: no 

* xdm: no 

* openwbem: yes 


This is selected by default because it is used by many 
of the OES services such as iPrint, NSS, SMS, Novell 
Remote Manager, and Samba. To get access to 
iManager, you must enable OpenWBEM. 


* gdm: no 

+ gdm-autologin: no 

+ gnome-passwd: no 

+ gnome-screensaver. no 


+ gnomesu-pam: no 


For additional configuration instructions, see “Setting Up Linux User Management” in the OES 2 
SP2: Novell Linux User Management Technology Guide. 


3.6.16 Novell NCP Server / Dynamic Storage Technology 
Table 3-18 Novell NCP Server Parameters and Values 


Default or Previously Entered 


Page Parameter Values 


NCP Server Configuration 


+ Admin Name with Context: This value is a default value that cn=admin,o=example 
is specified in the eDirectory configuration. 


For additional configuration instructions, see “Installing and Configuring NCP Server for Linux” in 
the OES 2 SP2: NCP Server for Linux Administration Guide. 
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3.6.17 Novell NetStorage 


Table 3-19 Novell NetStorage Parameters and Values 


Default or Previously Entered 


Page Parameter Values 


NetStorage Configuration 





+ Authentication Domain Host: The IP address shown is the The default is the first server 
default LDAP server for this service. If you do not want to use selected in the LDAP 
the default, select a different LDAP server in the list. Configuration list of servers. 


If you are installing into an existing tree, ensure that the 
server you select has a master replica or read/write replica of 
eDirectory. If you need to add another LDAP server to the list, 
add it by using the LDAP Configuration for Open Enterprise 
Services dialog. 





* Proxy User Name with Context: Enter the Proxy User cn=admin,o=example 
Name including the context, or accept the default. 


This user performs LDAP searches for users logging into 
NetStorage. 





* Proxy User Password: Enter a password for the proxy user. o=example 


For more information on proxy user and password 
management, see “Planning Your Proxy Users” in the OES 2 
SP2: Planning and Implementation Guide. 


* User Context: Enter the Users Context, or accept the o=example 
default. 


This is the eDirectory context for the users that will use 
NetStorage. NetStorage searches the eDirectory tree down 
from the specified context for User objects. If you want 
NetStorage to search the entire eDirectory tree, specify the 
root context. 


For additional configuration instructions, see “Installing NetStorage” in the OES 2 SP2: NetStorage 
for Linux Administration Guide. 


3.6.18 Novell Pre-Migration Server 


No additional configuration is required. For information, see “Preparing the Source Server for 
Migration” the OES 2 SP2: Migration Tool Administration Guide. 
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3.6.19 Novell QuickFinder 


Table 3-20 Novell QuickFinder Parameters and Values 


Default or Previously Entered 


Page Parameter Values 


Novell QuickFinder Admin User 





* Novell QuickFinder Admin User Type: Make the Local 
QuickFinder administrator a LUM-enabled eDirectory user or 
a local Linux user. 


* Local: Select this option to give QuickFinder Server 
administration rights to a local Linux user (the default is 
the root user if no other local users exist). 


* Directory LUM Enabled: Gives QuickFinder Server 
administration rights to an eDirectory user. 


+ eDirectory Admin Name: Enter the QuickFinder cn=admin.o=example 
administrator name. 


If you selected Directory LUM enabled as the user type, 
include the full context (such as cn=admin,o=novell). 


If you selected Local as the user type, enter only the admin 
name (such as root). If the user does not already exist, it will 
be created. 





* Add noviwww User to the Shadow Group: If only LUM- Selected 
enabled eDirectory users will use QuickFinder, this option 
does not need to be set. 


QuickFinder uses the Pluggable Authentication Modules 
(PAM) to authenticate users for both administration and 
rights-based searching. Because QuickFinder is a servlet 
under Tomcat, it has the same rights to the system as the 
Tomcat user (wwwrun). 


For QuickFinder to verify user credentials for local users 
(including root), the wwwrun user must be added to the local 
shadow group. 


For additional configuration instructions, see “Installing QuickFinder Server” in the OES 2: Novell 
QuickFinder Server 5.0 Administration Guide. 


3.6.20 Novell Remote Manager 
No additional configuration for the installation is required. To change the configuration after the 


installation, see “Changing the Configuration” in the OES 2 SP2: Novell Remote Manager for Linux 
Administration Guide. 
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3.6.21 Novell Samba 


Table 3-21 Novell Samba Parameters and Values 


Default or Previously Entered 


Page Field or Selection Values and Comments 


Novell Samba Configuration 





* Directory server address: The IP address shown is the The default is the first server 
default LDAP server for this service. If you do not want to use selected in the LDAP 
the default, select a different LDAP server in the list. Configuration list of servers. 


If you are installing into an existing tree, ensure that the server 
you select has a master replica or read/write replica of 
eDirectory. If you need to add another LDAP server to the list, 
add it by using the LDAP Configuration for Open Enterprise 
Services dialog. 


This is the primary IP address of the LDAP server to which 
CIFS client users (such as Windows users) authenticate, to 
use LDAP for access to the directories and files on this OES 
server. 





* Base Context for Samba Users: The eDirectory context o=example 
(existing or created here) where the default Samba group is 
created. 


By default, this is the same context as the LUM Workstation 
object. Do not change the default unless you are altering the 
standard Samba configuration. 





+ Proxy User Name with Context: A user on the LDAP server cn=servername- 
specified that has rights to search the LDAP tree for Samba — sambaProxy.o=example 
users. 


The name and context must be specified using typeful 
syntax. (cn=name,ou=organizational_unit,o=organization) 





* Proxy User Password: The password of the Proxy User System-generated 
specified above. 


For more information on proxy user and password 
management, see “Planning Your Proxy Users” in the OES 2 
SP2: Planning and Implementation Guide. 


For additional configuration instructions, see “Installing the Novell Samba Components” in the 
OES2 SP2: Samba Administration Guide. 
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3.6.22 Novell Storage Services (NSS) 


Table 3-22 Novell Storage Services Parameters and Values 


Page Parameter Default or Previously Entered 





Values 
NSS Unique Admin Object 
* Directory Server Address: The IP address shown is the The default is the first server 
default LDAP server for this service. If you do not want to use selected in the LDAP 
the default, select a different LDAP server in the list. Configuration list of servers. 


If you are installing into an existing tree, ensure that the server 
you select has a master replica or read/write replica of 
eDirectory. If you need to add another LDAP server to the list, 
add it by using the LDAP Configuration for Open Enterprise 
Services dialog. 





+ FD NSS Admin Name with Context: Enter the NSS Admin cn=servernameadmin.o=exa 
name and context or accept the default. mple 


This is the fully distinguished name of a User object with 
administrative rights to NSS. You must have a unique NSS 
admin name for each server that uses NSS. The default NSS 
Admin Name is the server host name concatenated with the 
LDAP Admin Name you entered for this server. For example: 
cn=myserveradmin,o=acme 


$ 


For additional configuration instructions, see “Installing and Configuring Novell Storage Services’ 
in the OES 2 SP2: NSS File System Administration Guide. 


3.7 What's Next 


After you've completed the initial installation, complete any additional tasks you might need to 
perform. See “Completing OES Installation or Upgrade Tasks” on page 145 and “Updating 
(Patching) an OES 2 SP2 Server” on page 149. 
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Installing/Configuring OES 2 SP2 
on an Existing Server 


After installing or upgrading to Novell® Open Enterprise Server (OES 2 SP2), you can also install 
additional products or services and configure them to work in the new environment. If you have 
installed or upgraded a server to SUSE® Linux Enterprise Server (SLES) 10 SP3, you can also add 
OES 2 SP2 services to the server. 

¢ Section 4.1, “Before You Install OES Services on an Existing Server,” on page 107 

¢ Section 4.2, “Installing or Configuring OES Services on an Existing Server,” on page 108 


* Section 4.3, “What's Next,” on page 111 





IMPORTANT: If you have updated a server with a Support Pack, make sure the installation source 
is pointing to the latest Support Pack media. 





4.1 Before You Install OES Services on an 
Existing Server 


* Section 4.1.1, “Always Use YaST to Install and Initially Configure OES,” on page 107 
¢ Section 4.1.2, “Don’t Install OES While Running the Xen Kernel,” on page 107 


4.1.1 Always Use YaST to Install and Initially Configure OES 


Linux administrators sometimes wrongly assume that OES services can be installed or uninstalled 
by simply installing the associated RPMs. OES services require additional configuration that are 
only supported in YaST. 


4.1.2 Don’t Install OES While Running the Xen Kernel 


If you are adding supported OES2 components to a server that is running the Xen kernel, you must 
reset the boot loader to boot the standard kernel before adding the OES 2 SP2 components. 


1 In YaST, select System > Boot Loader > SuSE Linux Enterprise Server 10 SP3 > Set As 
Default > Finish. 


2 Reboot the server. 
After adding the supported OES2 components, reset the boot loader option to Xen. 


1 In YaST, select System > Boot Loader > XEN > Set As Default > Finish. 


2 Reboot the server. 


Be sure to add only those OES 2 SP2 components that are supported on a VM host server. For more 
information, see “Step 3 on page 177.” 


Installing/Configuring OES 2 SP2 on an Existing Server 107 


4.2 Installing or Configuring OES Services on an 
Existing Server 





NOTE: For information on installing and/or configuring OES services as a different administrator 
than originally installed the OES server, see Section 2.5, “Installing OES As a Subcontainer 
Administrator,” on page 19. 





To install or configure OES 2 SP2 services on an existing OES 2 SP2 server or SLES 10 SP3 server: 


1 Open YaST. 


2 Ifan OES 2 SP2 installation source has not been added to the server, continue with this step. 
Otherwise, skip to Step 3. 


2a 
2b 
2c 


2d 


2e 
2f 


2g 
2h 


2 


Click Software > Add-on Product. 
Click Add. 
In the Add-On Product Media dialog, click CD > Next. 


If you are using an alternate installation source, click the appropriate option that matches 
your installation source selection. 


In the Insert the Add-On Product CD dialog, select the appropriate drive where you want 
to insert the CD labeled Open Enterprise Server 2 SP2 CD 1. 


Click Eject. 
Insert the CD labeled Open Enterprise Server 2 SP2 CD 1, then click Continue. 
Read and accept the Novell Open Enterprise Server 2 license agreement, then click Next. 


Confirm that the Add-On Product Installation page shows the correct path to the OES 
media, then click Next. 


Skip to Step 4. 


3 Ifan OES installation source has already been added to the server, click Open Enterprise 
Server > OES Install and Configuration. 


4 On the Software Selection page, select the OES components that you want to install or 
configure. 


Services that you have already installed are indicated by a blue check mark in the status check 
box next to the service. 


5 If you are only configuring or reconfiguring services that are already installed, click Accept, 
then skip to Step 7. 
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By changing the action on |< | 
the patterns shown in each | 
category, you determine 

the role this computer will 
serve in your network, 

such as a desktop, server, 
firewall or collaboration 

device 


The categories listed and 
the patterns preselected for 
installation will vary 
according to the product 
you are installing or 
adding to the computer 


To view a description of a 
patiern in the right pane, 
click a pattern 


To change the installation 
status of a patern, click its 
associated icon on the lefi. 


To view the possible status 
icons and their associated 
meanings, rightclick a 
patiern 


To view or change the 
installation status of 
individual packages ina 
selected patern, click 
Details 


Important: Be sure to 

leave free disk space for = 
system use. Full disk a 
Partitions can degrade DA 











=) Software Selection 








Server Base System 
L] common Code Base 
Novell AppArmor 
[CD] High Availability 
Documentation 


C Novell AFP 

[C] Novell Archive and Version Services 
Novell Backup / Storage Manageme 
O Novell cIFS 

[C] Novell Cluster Services (NCS) 

C Novell DHCP 

[C] Novell DNS 

oO Novell Domain Services for Windows 
Novell eDirectory 

C Novell FTP 

[C] Novell iFolder 

Novell iManager 

[C] Novell iPrint 

Novell Linux User Management (LU 
[C] Novell NCP Server / Dynamic Stora 
Novell NetStorage 

[C] Novell Pre-migration Server 

[C] Novell QuickFinder 











Server Base System 


This is the base Novell SUSE Linux runtime system 














Details. | 





| Name | Disk Usage | Used Free |Total 


(36% 26GB 44GB 70GB 








Cancel | Accept 





Not all OES components require eDirectory to be installed on the local server. Components that 
have a dependency on eDirectory being installed locally will prompt you to install eDirectory if 
it is not already installed. 





IMPORTANT: If you want the OES components to use a local eDirectory database, we 
recommend that you install eDirectory before installing any other OES component. 


If you need to reconfigure eDirectory, we recommend that you use tools provided by 
eDirectory such as iMonitor or iManager to change the configure rather than YaST. The 
configuration provided in YaST is for the initial eDirectory installation and configuration only. 





6 After selecting the services to install, click Accept. 


7 Change the default configuration information as required. 
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Figure 4-1 Example of the OES Configuration Dialog with Configuration and Re-Configuration Statuses 





Preparation 
> OES Configuration 


D Novell Open Enterprise Server Configuration 








Skip Configuration 


®) Use Following Configuration 


LDAP Configuration for Open Enterprise Services 





Reconfigure is disabled 
eDirectory 

Reconfigure is disabled 
Linux User Management 
Reconfigure is disabled 


Storage Management Services (SMS) 





Storage Management Services (SMS) requires additional configuration information before continuing or disable the 
configuration 


Reconfigure is enabled 


* LDAP Server: 192.65.7.1 








Change... v | 











Help Back Abort | Next 





In most cases, the default configuration is acceptable. You need to change the configuration at 
the following times: 


¢ When the installation indicates that more information is required by displaying the 
following message: 





service name service requires additional configuration information 
before continuing or disable the configuration. 


* You want to change the default configuration settings, such as enabling services for LUM. 
* You want to reconfigure a service that has already been configured. 


7a To change the configuration of a newly installed service or a service that has already been 
configured, change its configuration status to Enabled, then click the service heading link 
to access the configuration dialog for that service. 


Newly installed services that have not been configured have the status of Configure is 
enabled. 


Services that have already been configured have a status of Reconfigure is disabled. 


7b Toenable the configuration status of any disabled service configuration, click the 
Disabled link to change the status to Enabled. 


7c To delay the configuration of newly installed services to a later time, click the Enabled 
link to change the status to Configure is disabled. 


8 Whenall the services have complete configuration information and the configuration or 
reconfiguration status is set to enable for the services that you want to configure, click Next to 
continue with the configuration process. 
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4.3 What's Next 


After you've completed the configuration process, complete any additional tasks you might need to 
perform. See “Completing OES Installation or Upgrade Tasks” on page 145 and “Updating 
(Patching) an OES 2 SP2 Server” on page 149. 
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Upgrading to OES 2 SP2 


Novell® Open Enterprise Server 2 provides the option of updating an existing system to the new 
version without completely reinstalling it. No new installation is needed. Existing data such as home 
directories and system configuration is kept intact. During the life cycle of the product, you can 
apply Service Packs to increase system security and correct software defects. 





NOTE: To upgrade an OES 2 VM guest running on Xen, see the additional instructions and 
information in Section 10.5, “Upgrading an OES 2 VM Guest to OES 2 SP2,” on page 186. 





* Section 5.1, “Supported Upgrade Paths,” on page 113 

¢ Section 5.2, “Planning for the Upgrade to OES 2 SP2,” on page 114 

* Section 5.3, “Meeting the Upgrade Requirements,” on page 115 

* Section 5.4, “Upgrading to OES 2 SP2,” on page 118 

¢ Section 5.5, “Finishing the Upgrade,” on page 142 

* Section 5.6, “Verifying That the Upgrade Was Successful,” on page 143 
¢ Section 5.7, “What's Next,” on page 144 


5.1 Supported Upgrade Paths 


Table 5-1 outlines the supported paths for upgrading to OES 2 SP2. 


Table 5-1 Supported OES 2 SP2 Upgrade Paths 


Source 


OES 1 SP2 (32-bit) 


OES 2 (32-bit) 


OES 2 (64-bit) 


OES 2 SP1 (32-bit) 


OES 2 SP1 (64-bit) 


Destination 


OES 2 SP2 (32-bit) 


OES 2 SP2 (32-bit) 


OES 2 SP2 (64-bit) 


OES 2 SP2 (32-bit) 


OES 2 SP2 (64-bit) 


Upgrade Methods Suppported 


Network-based media (offline) 
Physical media (offline) 


Network-based media (offline) 
Physical media (offline) 


Network-based media (offline) 
Physical media (offline) 


Network-based media (offline) 
Physical media (offline) 
Update Channel (online) 


Network-based media (offline) 
Physical media (offline) 
Update Channel (online) 





IMPORTANT: Source servers must have all patches applied from the appropriate SLES and OES 


patch channels prior to an upgrade. 





Upgrading to OES 2 SP2 113 


5.2 Planning for the Upgrade to OES 2 SP2 


¢ Section 5.2.1, “Be Sure to Check the Readme,” on page 114 
¢ Section 5.2.2, “Always Upgrade SLES and OES at the same time,” on page 114 


¢ Section 5.2.3, “Understanding the Implications for Other Products Currently Installed on the 
Server,” on page 114 


5.2.1 Be Sure to Check the Readme 


The “Installation Issues” section documents issues that Novell plans to address in a future release. 


5.2.2 Always Upgrade SLES and OES at the same time 


You must upgrade SUSE® Linux Enterprise Server (SLES) 10 and OES 2 at the same time. 


5.2.3 Understanding the Implications for Other Products 
Currently Installed on the Server 


* “OES I Server Upgrades: Non-OES 2 Packages Are Deleted by Default: on page 114 


e “OES 2 Server Upgrades: Non-OES 2 Packages Are Retained but Might Not Work After 
Upgrading:” on page 115 


OES 1 Server Upgrades: Non-OES 2 Packages Are Deleted by Default: 


During the upgrade process from OES 1 to OES 2 SP2, packages that are not part of the SLES 10 
and OES 2 distributions are automatically selected for deletion. 


Examples include: 


* OES 1 services not included in OES 2: Such as iFolder 2, eGuide, and Virtual Office. For 
more information, see “eGuide, IFolder 2, and Virtual Office Are Still Available on Netware” 
in the OES 2 SP2: Planning and Implementation Guide. 


* Other Novell products: Such as GroupWise®, ZENworks®, and Identity Manager. 


For Information About This Novell Product See This Documentation 


GroupWise GroupWise 7 online documentation (http:// 
www.novell.com/documentation/groupwise.html) 


ZENworks ZENworks online documentation (http:// 
www.novell.com/documentation/zenworks.html) 


Identity Manager Identity Management online documentation 
(http:/Awww.novell.com/documentation/ 
secure_identity_management.html) 





All other All Novell online documentation (http:// 
www.novell.com/documentation/) 
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* SLES 9 services not included in SLES 10: If you installed open source products that were 
included with the SLES 9 distribution, it is possible although unlikely that they have been 
removed in SLES 10. 


¢ Third-party products: If you have installed third-party products, be sure to check that it is 
supported on SLES 10 and follow the upgrade instructions that should be included with it. 


To manually retain packages, you must follow the steps outlined in Section 5.4.9, “Reviewing the 
Delete Unmaintained Packages Notification,” on page 128. 





IMPORTANT: There is no guarantee that packages you have manually retained will run on the 
SLES 10 kernel. For specific compatibility information, see the documentation for the impacted 
product. 





OES 2 Server Upgrades: Non-OES 2 Packages Are Retained but Might Not Work 
After Upgrading: 


During the upgrade process from OES 2 to OES 2 SP2, packages that are not part of the SLES 10 
SP3 and OES 2 SP2 distributions are automatically retained unless you select them for deletion. 


This includes third-party products you have installed as well as other Novell products, such as 
Group Wise®, ZENworks®, and Identity Manager. 


There is no guarantee that these products will continue to work after you upgrade. Therefore, it is 
critical that you check the product documentation for compatibility information before you upgrade 
servers with any Novell product installed. 


For Information About This Novell Product See This Documentation 


GroupWise GroupWise 7 online documentation (http:// 
www.novell.com/documentation/groupwise. html) 





ZENworks ZENworks online documentation (http:// 
www.novell.com/documentation/zenworks.html) 





Identity Manager Identity Management online documentation (http:// 
www.novell.com/documentation/ 
secure_identity_management.html) 





All other All Novell online documentation (http:// 
www.novell.com/documentation/) 


If you have installed a third-party product, be sure to check that it is supported on SLES 10 SP3 and 
follow the upgrade instructions that should be included with it. 


5.3 Meeting the Upgrade Requirements 


Meet the following requirements before you upgrade and install any OES 2 components: 


¢ Section 5.3.1, “Securing Current Data,” on page 116 
¢ Section 5.3.2, “Ensuring There Is Adequate Storage Space on the Root Partition,” on page 116 
¢ Section 5.3.3, “Preparing Your Target Server,” on page 117 


¢ Section 5.3.4, “Checking the Server’s IP Address,” on page 117 
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¢ Section 5.3.5, “Checking the Server’s DNS Name,” on page 117 
* Section 5.3.6, “Making Sure the Server Has a Server Certificate,” on page 117 


¢ Section 5.3.7, “Preparing an Installation Source,” on page 118 


5.3.1 Securing Current Data 


Before upgrading, secure the current data on the server. For example, make a backup copy of the 
data, so you can restore the data volumes later from a backup copy if needed. 


Save your configuration files. Copy all configuration files to a separate medium, such as a streamer, 
removable hard disk, USB stick, or ZIP drive, to secure the data. This primarily applies to files 
stored in /etc as well as some of the directories and files in /var and /opt. You might also want to 
write the user data in /home (the HOME directories) to a backup medium. Back up this data as 
root. Only root has read permission for all local files. 


5.3.2 Ensuring There Is Adequate Storage Space on the Root 
Partition 


Before starting your upgrade, make note of the root partition and space available. 


If you suspect you are running short of disk space, secure your data before updating, and repartition 
your system. There is no general rule of thumb regarding how much space each partition should 
have. Space requirements depend on your particular partitioning profile and the software selected. 





WARNING: If your root partition resides in an EVMS container, you might not be able to 
repartition or expand the size of the root partition without destroying data elsewhere on the device. 





The df -h command lists the device name of the root partition. In the following example, the root 
partition to write down is /dev/nda3 (mounted as /). 


Example: List with df -h. 


tit” # dF -h 

Filesystem Size Used Avail Use? Mounted on 

édev/hdb2 1866 2,96 183G 22 / 

udev 506M 204K SOBM 12 /dev 

tit” # fj 

File System Size Used Avail Use% Mounted on 
/dev/hda3 74G 22 G 53 G 29% 

/tmpfs 506M 0 506M 0% /dev/shm 
/dev/hda5 116G 5.8G 111G 5% /home 
/dev/hda1 39G 1.6G 37G 4% /window/C 
/dev/hda2 4.6G 2.6G 2.1G /window/D 
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5.3.3 Preparing Your Target Server 


Complete the steps in Table 5-2 for your target server. 
Table 5-2 Preparing Your Target Server 


If Your Target Server Is Running Do This Before Upgrading the Server 
SLES 10 SP1 O Ensure that the products and services you have running on the 
server can run on the new SLES 10 SP3 kernel. 


O Make sure the server meets the hardware requirements for SLES 
10 SP3. See “System Requirements for Operating Linux” in the 
Architecture-Specific Information Guide (http://www.novell.com/ 
documentation/sles10/sles_x86/data/cha_sysreqs.html). 


Itanium is not a supported platform for OES 2 SP2. 
OES 1 or OES 1 SP1 1. Upgrade your server to OES 1 SP2 first. 


For assistance, see the OES 1 Documentation on the Web (http:/ 
/www.novell.com/documentation/oes). 


OES 1 SP2 1. Verify the OES 1 server version by using the following command 
at a terminal prompt: 


cat /etc/novell-releas 





2. Patch the OES 1 SP2 server to the latest patch level and ensure 
that the server and services are still running as desired. For 
procedures, see “Patching an OES Server” in the OES 1 Linux 
Installation Guide. (http:/www.novell.com/documentation/oes/ 
install_linux/data/bxlu3xc.html#bxlu3xc) 


OES 2 1. Run YaST > Software > Online Update to patch the OES 2 server 
to the latest patch level. 


2. Ensure that the server and services are still running as desired. 


5.3.4 Checking the Server’s IP Address 


Make sure the server has a static IP address. 


5.3.5 Checking the Server’s DNS Name 


Make sure that DNS returns the correct static IP address when you ping the server's full DNS name. 
For example 


ping myserver.example.com 


5.3.6 Making Sure the Server Has a Server Certificate 





NOTE: Most OES servers have either an eDirectory or a third-party certificate installed. These 
instructions only apply when that is not the case. 
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Make sure the server has a server certificate that has been generated and exported as a Common 
Server certificate. 


To check for or add a certificate, do the following: 


1 Launch YaST. 
2 Click Security and Users > CA Management. 


If no certificate authorities (CAs) are listed, create one by clicking Create Root CA. 


If a CA is listed, you can use it by selecting the CA and clicking Enter CA. 


4 If you are using a listed CA, you must provide the CA password (generally the root password). 
5 Click Certificates > Add. 


Fill out the forms required for a server certificate. After the last form is complete, a server 
certificate is created and listed in the certificate list. 


Select the certificate you just created. 


Click the Export button, then select Export as Common Server Certificate. 


5.3.7 Preparing an Installation Source 


Review and complete the instructions for “Setting Up an Installation Source” on page 39. We 
recommend using the network installation option, especially if you are upgrading multiple servers. 


5.4 Upgrading to OES 2 SP2 


Use the following instructions to complete the upgrade applicable to the installation source you are 
using: 


5 


+ 
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Section 5.4.1, “For Servers with EVMS and NSS on the System Device,” on page 119 


Section 5.4.2, “Upgrading Using a Network Installation Source with DHCP (Offline),” on 
page 119 


Section 5.4.3, “Upgrading Using a Network Installation Source without DHCP (Offline),” on 
page 120 


Section 5.4.4, “Upgrading Using Physical Media (Offline),” on page 122 








Section 5.4.5, “Upgrading Using the Patch Channel (Online),” on page 122 

Section 5.4.6, “Selecting the Installation Mode Options,” on page 124 

Section 5.4.7, “Specifying the Partition to Update,” on page 125 

Section 5.4.8, “Specifying the Add-On Product Installation Information,” on page 127 
Section 5.4.9, “Reviewing the Delete Unmaintained Packages Notification,” on page 128 


Section 5.4.10, “Verifying and Customizing the Update Options in Installation Settings,” on 
page 129 


Section 5.4.11, “Accepting the Installation Settings,” on page 132 
Section 5.4.12, “Specifying Configuration Information,” on page 133 
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5.4.1 For Servers with EVMS and NSS on the System Device 





NOTE: This section doesn’t apply if you are upgrading through the patch channel (Upgrading 
Using the Patch Channel (Online) (page 122).) 





If you are upgrading a server that has EVMS as the volume manager for the system device (the 
device that contains the /boot, swap, and / (root) partitions), and might also have Novell Storage 
Services™ (NSS) pools and volumes on the system device, you need to enable boot.Ivm and 
boot.md. 


Do the following just before you begin the upgrade: 


In YaST, click System > System Services (Runlevel). 

Select Expert Mode. 

Select boot. lvm. 

If the boot level (column B) is not marked with a B, then click Set/Reset > Enable the Service. 
Select boot.md. 

If the boot level (column B) is not marked with a B, then click Set/Reset > Enable the Service. 
Click Finish, then click Yes. 


NO oO FR WN a 


5.4.2 Upgrading Using a Network Installation Source with 
DHCP (Offline) 


1 Ensure that the server meets the upgrade requirements. See “Meeting the Upgrade 
Requirements” on page 115. 


2 Insert SuSE Linux Enterprise Server 10 SP3 CD 1 into the CD-ROM drive (or the SP3 DVD in 
a compatible drive) of the server you want to upgrade to OES 2 SP2 Linux, then reboot the 
server. 


3 From the boot menu, select one of the following Installation options that matches your 
environment, but do not press Enter. 


+ Installation: The normal installation mode. All modern hardware functions are enabled. 


¢ Installation—ACPI Disabled: If the normal installation fails, this might be because of 
the system hardware not supporting ACPI (advanced configuration and power interface). 
If this seems to be the case, use this option to install without ACPI support. 


¢ Installation—Local APIC Disabled: If the normal installation fails, this might be 
because of the system hardware not supporting local APIC (advanced programmable 
interrupt controllers). If this seems to be the case, use this option to install without local 
APIC support. 


If you are not sure, try Installation—ACPI Disabled or Installation—Safe Settings first. 


¢ Installation—Safe Settings: Boots the system with the DMA mode (for CD-ROM 
drives) and power management functions disabled. Experts can also use the command line 
to enter or change kernel parameters. 


4 (Conditional) You can enter boot option parameters to specify all the parameters that the 
manual installation steps will step you through or you can continue with Step 5. 


If you do specify boot options parameters, press Enter then continue with Step 7. 
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For more information on specifying boot option parameters, see “Using Custom Boot Options” 
in the SUSE Linux Enterprise Server Installation and Administration Guide (http:// 
www.novell.com/documentation/sles10/book_sle_reference/data/ 
sec_deployment_remoteinst_bootinst.html#sec_deployment_remoteinst_bootinst_custom). 


5 Press F4, and then select the network installation type (NFS, FTP, HTTP) that you set up on 
your network installation server. 


See Step 2 on page 40 of the Preparing a Network Installation Source procedure. 
Specify the required information (server name and installation path), then select OK. 
Press Enter to begin the upgrade. 

Select a language, then click Next. 


On the License Agreement page, click Yes, I Agree to the License Agreement > Next. 


o O GON SI 


Follow the prompts, using the information contained in the following sections: 

10a “Selecting the Installation Mode Options” on page 124. 

10b “Specifying the Partition to Update” on page 125. 

10c “Specifying the Add-On Product Installation Information” on page 127. 

10d “Verifying and Customizing the Update Options in Installation Settings” on page 129. 
10e “Accepting the Installation Settings” on page 132. 

10f “Specifying Configuration Information” on page 133. 

10g “Finishing the Upgrade” on page 142. 


11 Verify that the upgrade was successful. See the procedures in “Verifying That the Installation 
Was Successful” on page 72. 


12 Complete the server setup by following the procedures in “Completing OES Installation or 
Upgrade Tasks” on page 145. 


5.4.3 Upgrading Using a Network Installation Source without 
DHCP (Offline) 


1 Ensure that the server meets the upgrade requirements. See “Meeting the Upgrade 
Requirements” on page 115. 

2 Insert SuSE Linux Enterprise Server 10 SP3 CD 1 into the CD-ROM drive (or the SP3 DVD in 
a compatible drive) of the server that you are upgrading to OES 2 SP2, then reboot the 
machine. 


3 From the CD boot menu, select one of the following Installation options that matches your 
environment, then press Enter. 


+ Installation: The normal installation mode. All modern hardware functions are enabled. 


¢ Installation—ACPI Disabled: If the normal installation fails, this might be because of 
the system hardware not supporting ACPI (advanced configuration and power interface). 
If this seems to be the case, use this option to install without ACPI support. 


¢ Installation—Local APIC Disabled: If the normal installation fails, this might be 
because of the system hardware not supporting local APIC (advanced programmable 
interrupt controllers). If this seems to be the case, use this option to install without local 
APIC support. 


If you are not sure, try Installation—ACPI Disabled or Installation—Safe Settings first. 
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¢ Installation—Safe Settings: Boots the system with the DMA mode (for CD-ROM 
drives) and power management functions disabled. Experts can also use the command line 
to enter or change kernel parameters. 


At this point you can pre-specify the IP address information, installation source, etc. on the 
Boot Options line (see “Using Custom Boot Options” in the SUSE Linux Enterprise Server 
Installation and Administration Guide (http://www.novell.com/documentation/sles10/ 
book_sle_reference/data/ 
sec_deployment_remoteinst_bootinst.html#sec_deployment_remoteinst_bootinst_custom)), or 
you can press Enter, continue with Step 5, and input everything as the install prompts you. 


If you want to specify boot options parameters, do it now. Then press Enter and continue with 
Step 21 on page 121. 


When you receive the following error, press Enter: 











Could not find the SUSE Linux Enterprise Server 10 Installation source. 
Activating manual set up program. 


Select the language, then select OK and press Enter. 

Select a keyboard map, then select OK and press Enter. 

Select Start Installation or System, then select OK and press Enter. 
Select Start Installation or Update, then select OK and press Enter. 
Select Network, then select OK and press Enter. 


Select the network protocol that matches the configured protocol on your network installation 
server, then press Enter. 


(Conditional) If you have more than one network interface card, select one of the cards, then 
press Enter. 


We recommend eth0, provided that it is connected to the subnet for the primary static IP 
address used by the server you are upgrading. 


When prompted whether you want to use DHCP, select No, then press Enter. 
Specify the static IP address of the server you are upgrading, then press Enter. 
Specify the subnet mask, then press Enter. 

Specify the gateway, then press Enter. 

Specify the IP addresses a name server, then press Enter. 

Specify the IP address of the network installation server, then press Enter. 


(Conditional) Depending on the protocol you specified, you might see additional screens for 
FTP or HTTP. Select the options that are appropriate for your network, then continue with 
Step 20. 


Specify the path to your installation source on the network installation server, then press Enter. 
The installation system loads and the YaST install starts. 

Select the language, then click Next. 

On the License Agreement page, click Yes, I Agree to the License Agreement > Next. 

Follow the prompts, using the information contained in the following sections: 

23a “Selecting the Installation Mode Options” on page 124. 

23b “Specifying the Partition to Update” on page 125. 

23c “Specifying the Add-On Product Installation Information” on page 127. 
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23d “Verifying and Customizing the Update Options in Installation Settings” on page 129. 
23e “Accepting the Installation Settings” on page 132. 

23f “Specifying Configuration Information” on page 133. 

23g “Finishing the Upgrade” on page 142. 


24 Verify that the upgrade was successful. See the procedures in “Verifying That the Installation 
Was Successful” on page 72. 


25 Complete the server setup by following the procedures in “Completing OES Installation or 
Upgrade Tasks” on page 145. 


5.4.4 Upgrading Using Physical Media (Offline) 


1 Ensure that the server meets the upgrade requirements. See “Meeting the Upgrade 
Requirements” on page 115. 


2 Insert the SuSE Linux Enterprise Server 10 SP3 CD I or SuSE Linux Enterprise Server 10 SP3 
DVD 1 into the CD-ROM or DVD drive of the server that you are upgrading to OES 2 SP2, 
then reboot the machine. 


3 From the CD boot menu, select the Installation option that best fits your environment, then 
press Enter. 


4 Select the language that you want to use. 
5 On the License Agreement page, click Yes, I Agree to the License Agreement > Next. 
Follow the prompts, using the information contained in the following sections: 
6a “Selecting the Installation Mode Options” on page 124. 
6b “Specifying the Partition to Update” on page 125. 
6c “Specifying the Add-On Product Installation Information” on page 127. 
6d “Verifying and Customizing the Update Options in Installation Settings” on page 129. 
6e “Accepting the Installation Settings” on page 132. 
6f “Specifying Configuration Information” on page 133. 
6g “Finishing the Upgrade” on page 142. 


7 Verify that the upgrade was successful. See the procedures in “Verifying That the Installation 
Was Successful” on page 72. 


8 Complete the server setup by following the procedures in “Completing OES Installation or 
Upgrade Tasks” on page 145. 


5.4.5 Upgrading Using the Patch Channel (Online) 


* “Before You Start the Upgrade” on page 123 
* “Creating a Password Answer File” on page 123 


+ “Performing the Upgrade” on page 123 
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Before You Start the Upgrade 
Understand the following: 


* You might notice that the SLES documentation refers to this upgrade method as an “online 
migration.” In OES, “migration” implies moving to a new architecture or platform. 


Don’t be confused by the SLES terminology when, for example, you add “migration” products 
to your upgrade channels. 
* The SLES “move-to-sles10-sp3” patch cannot be used to migrate OES 2 SP2. 


+ The OES server being upgraded must be running OES 2 SP1 with the latest patches applied. 
See Table 5-1 on page 113. 


* You can perform a “silent” patch channel upgrade by creating an answer file that contains the 
LDAP (eDirectory) Admin user password and, if you are installing Domain Services for 
Windows, the optional Domain Administrator password. Instructions for doing this are in 
“Creating a Password Answer File” on page 123. 


If you prefer to enter the passwords manually after the software has been updated, skip to 
“Performing the Upgrade” on page 123. 


Creating a Password Answer File 


If you want the upgrade process to run without user intervention after the software is updated, you 
can create an answer file for the YaST install by doing the following, either on an OES 2 SP2 server, 
or on an SP1 server just prior to rebooting it (see Step 7 on page 124). 

1 As root, open a terminal prompt. 


2 Enter the following command: 





sudo yast2 create-answer-file ldap password optional domain admin password 





where /dap_password=the LDAP (eDirectory) Admin password and 
optional domain _admin _password=the DSfW Domain Administrator’s password (if 
applicable). 





3 Copy the resulting file named answer from the current working directory to /opt /novell/ 
oes-install. 


4 Continue with Performing the Upgrade. 


Performing the Upgrade 
1 Ensure that the server meets the upgrade requirements. See “Meeting the Upgrade 
Requirements” on page 115. 


2 Install the move-to-oes2-sp2 patch on the server. This is an optional patch and will never be 
installed automatically. 


2a If you are using rug, enter the following command at a terminal prompt: 
rug in -t patch move-to-oes2-sp2 && rug ping -a 


2b If you are using the GUI Software Updater, click the Software Updater icon, then select 
the move-to-oes2-sp2 patch, and click Update. 


3 Answer all of the prompts that display in the affirmative until the move-to-oes2-sp2 patch is 
installed. 
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4 Verify that the Novell-Open-Enterprise-Server-SP2-migration and SUSE-Linux-Enterprise- 
Server-SP3-migration products are installed along with their associated channels at a terminal 
prompt by entering: 


rug pd -i 
5 Install the recommended patches that are in the channels. 
5a If you are using rug, enter: 
rug up -t patch -g recommended && rug ping -a 
5b If you are using the GUI Software Updater, click the Update button. 


6 Repeat Step 5, answering all of the prompts in the affirmative until you are prompted to reboot 
server. 


7 (Optional) At this point you can create an answer file if desired. See “Creating a Password 
Answer File” on page 123. 


8 Reboot the server. 


9 Ifyou did not provide a password answer file (Creating a Password Answer File (page 123)), 
you must enter the passwords for the LDAP (eDirectory) Admin user and (if applicable) the 
DSfW Domain Administrator to start the configuration process. 


If you provided an answer file, the service configuration process continues automatically. 





IMPORTANT: If an error occurs, for example if the wrong password is entered, you can rerun 
the configuration phase again by either 


*Rebooting the server 
or 
«Entering the following command at a terminal prompt: 
sudo yast2 channel-upgrade-oes 
10 Various messages indicate the services being configured. When the Login prompt appears, 


verify that the upgrade was successful. See the procedures in “Verifying That the Installation 
Was Successful” on page 72. 


11 Complete the server setup by following the procedures in “Completing OES Installation or 
Upgrade Tasks” on page 145. 


5.4.6 Selecting the Installation Mode Options 


1 When the Installation Mode screen displays, select the following menu options: 
1. Update 
2. Include Add-On Products from Separate Media 
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IMPORTANT: To upgrade previously installed OES services and install any additional 
OES services, you must select the Include Add-On Products from Separate Media option. 
If you don’t, the server is only updated to SLES 10 SP3 and none of the OES services are 
upgraded. 











in | Installation Mode 





ement 
=> System Analysis 
@ Time Zone 


Installation 


e Installation Summary 
® Perform ion 





Select Mode 
New Installation 


© Update 


Other Options 


X Include Add-On Products from Separate Media 














Help Back Abort i Next) 


2 Click Next. 


3 Continue with “Specifying the Partition to Update” on page 125 or “Specifying the Add-On 
Product Installation Information” on page 127, depending on which matches your installation. 


5.4.7 Specifying the Partition to Update 


YaST tries to determine which is the correct root (/) partition. If there are several possibilities, or if 
YaST can’t definitely determine the correct root partition, the Select for Update page displays. 





IMPORTANT: If no partitions are listed, you are attempting to upgrade an 1386 installation using 
x86_64 media. Mixing architectures in an upgrade is not permitted. See Section 5.1, “Supported 
Upgrade Paths,” on page 113. You must start the upgrade again using 1386 installation media. 





1 Ifthere is only one partition listed, click Next. 
2 Ifthere are several partitions, select the partition with /evms in the path. 


For example, make sure you select the /dev/evms/1vm/... partition rather than the /dev/ 
lvm/... partition. 


then click Next. YaST reads the old fstab on this partition to analyze and mount the file systems 
listed there. 
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System for Update 


ARRONE Partition or System to Update: 























Upd System Partition | Architecture | File System | Label 
PANIE SUSE Linux Enterprise Server 10 /dev/hda3 i386 Linux native (reiser) 

. Update Summary s E H j . . 

5 Perform Update SUSE Linux Enterprise Server 10 /dev/hda4 i386 Linux native (reiser) 

SUSE LINUX Enterprise Server 9 /dew/hc Linux native (reiser) 

Configuration 

. Network 

. Customer Center 

. Online Update 

. Clean Up 

. Release Notes 

















Ki 








[C] Show All Partitions 





| Help | Back | Abort | Next 








3 Next, YaST tries to mount the boot (/boot) partition. 


If no error displays, skip to “Specifying the Add-On Product Installation Information” on 
page 127. 


4 If you have EVMS on your system disk, you might get an error stating that the partition could 
not be mounted: 





The partition /dev/evms/sdal could not be mounted. 


mount: /dev/evms/sdal is not a valid block device 


If you are sure that the partition is not necessary for the 
update (it is not any system partition), click Continue. 

To check or fix the mount options, click Specify Mount Options. 
To abort update, click Cancel. 








“i| | Specify Mount Options || Cancel | 





If this error displays, click Specify Mount Options. 
The Mount Options dialog appears. 
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Mount Options 
Mount Point 
Device 
\/dev/evms/sdal | 
File System 
(empty for autodetection) 
| OK | [ Cancel 





5 Remove /evms from the Device path. 


| 





Mount Options 


Mount Point 


boot | 





Device 
{dewsdal 


File System 
(empty for autodetection) 


| OK | Cancel | | 


6 Click OK. 











TIP: In rare cases, the same disks are reported as hard disk devices (hda, etc.) on SLES 9 and 
SCSI disk devices (sda, etc.) on SLES 10. 


If after removing /evms from the device path, you still see the error in Step 4, try changing the 
path to use sda instead of hda. 





7 Continue with “Specifying the Add-On Product Installation Information” on page 127. 


5.4.8 Specifying the Add-On Product Installation Information 


1 When the Add-On Product Installation page displays, click Add. 
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2 Inthe Add-On Product Media dialog, if you are installing from physical media, click CD > 
Next. 


2a In the Insert the Add-On Product CD dialog, select the appropriate drive where you want 
to insert the CD labeled Novell Open Enterprise Server 2 SP2 CD 1 if there is more than 
one drive, then click Eject. 


2b Insert the CD labeled Novell Open Enterprise Server 2 SP2 CD 1, then click Continue. 


3 Ifyou are using an alternate installation source, such as a network location, click the 
appropriate option, such as the network protocol that matches your installation source, then 
click Next and specify the information for the source you have specified. 


4 Read and accept the Novell Open Enterprise Server 2 license agreement, then click Next. 


5 Confirm that the Add-On Product Installation page shows the correct path to the OES media, 
then click Next. 


6 If you are upgrading from OES 1 SP2, continue with “Reviewing the Delete Unmaintained 
Packages Notification” on page 128. Otherwise, skip to “Verifying and Customizing the 
Update Options in Installation Settings” on page 129. 


5.4.9 Reviewing the Delete Unmaintained Packages 
Notification 


After the OES 2 SP2 installation source has been added, if you are upgrading from OES 1 SP2, the 
following notification is displayed: 





Important: The Delete Unmaintained Packages option is selected. 


If your server includes packages (RPMs) for any of the following, they are 
about to be deleted: 

-OES 1 services not included in OES 2, such as iFolder 2, eGuide, and Virtual 
Office. 

-Other Novell products, such as GroupWise, ZenWorks, and Identity Manager. 
-SLES 9 services not included in SLES 10. 

-Third-party products. 


Take one of the following actions: 

-Delete these packages by clicking Accept on the Installation Summary screen. 
-Keep specific packages by clicking the Packages link on the Installation 
Settings screen, then changing each specific package's status to Keep. 

-Keep all packages by clicking the Update Options link on the Installation 
Settings screen, then deselecting the Delete Unmaintained Packages option. 


Keeping any packages that are targeted for deletion requires you to resolve 
package conflicts. 


For more information and detailed instructions, see the upgrade sections in the 
OES 2 Linux Installation Guide. 








1 Carefully read the notification. 


2 Decide how you want to proceed. For more information, see “OES | Server Upgrades: Non- 
OES 2 Packages Are Deleted by Default:” on page 114. 


3 Click OK, then continue with Verifying and Customizing the Update Options in Installation 
Settings. 
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5.4.10 Verifying and Customizing the Update Options in 
Installation Settings 





IMPORTANT: To verify that previously installed services are selected for installation and to install 
any additional OES services during the upgrade, you must customize the Update Options on the 
Installation Settings dialog. 





To verify or customize the software packages that are installed on the server: 


1 On the Installation Settings dialog, make sure Novell Open Enterprise Server 2 is listed under 
the Add-On Products link. If it is, proceed with Step 2. 





Peperoni a Installation Settings 
V Language h 
V License Agreement 
V System Analysis î A "i x 
Click any headline to make changes or use the "Change..." menu below. 
V System for Update 
v iia installation Media = 
Update 


Y Add-On Products * SUSE Linux Enterprise Server 10 SP2 


=} Update Summary Update Options 
e Perform Update 
* SUSE Linux Enterprise Server 10 SP2 
* Novell Open Enterprise Server 2 SP1 
* Only Update Installed Packages 


Configuration 
e Perform Update 


@ Network 
e Customer Center Add-On Products 
e Online Update 
e OES Configuration * Novell Open Enterprise Server 2 SP] (Media http://192 . 168 . 2 ."/install/oes2sp1/GMC5/x86_64, 
e Clean Up directory /) 
è Release Notes 
Packages 


* Packages to Update: 500 

* New Packages to Install: 28 

* Packages to Remove: 0 

* Total Size of Packages to Update: 1.5 GB 


Backup 


* Create Backup of Modified Files 
* Create Backup of /etc/sysconfig Directory 








Language 
~ 
Show Release Notes * Primary Language: English (US) 7 
Change... v 
Help Back Abort Next 


If it is not, click the Add-On Products link and follow the steps in “Specifying the Add-On 
Product Installation Information” on page 127. When the Installation Setting dialog shows 
Novell Open Enterprise Server 2 as an installation setting, proceed with Step 2. 


2 Ifyou see package conflict errors (red text under the Packages link), refer to the OES 2 SP2: 
Readme for resolution instructions. 


3 On the Installation Settings dialog, click Update Options. 
4 Inthe Update Options dialog, click Select Patterns. 
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The update option a Update Options 
differs between two 
modes. In either case, 
itis recommended to 
make a backup of 
your personal data. 





With New Software: 
This default setting 
updates the existing 
software and installs 
all new features and 
benefits of the new 
SUSE Linux -Update Mode 
Enterprise Server 10 
SP2 version. The 
selection is based on 
the former predefined 
software selection 


Update from SUSE Linux Enterprise Server 10 to SUSE Linux Enterprise Server 10 SP2 





Update with Installation of New Software and Features 
Based on the Selection: 


Select Patterns 
Only Installed 
Packages: This 
selection only updates 
the packages already 
installed on your 
system. Note: New 


software in the A 
predefined software Delete Unmaintained Packages 


@) Only Update Installed Packages 











selection, such asnew 
YaST modules, is not 
available after the 
update. You might 
miss advertised 
features 


After the update, 

some software might F 
not function anymore. — 
Artivate Delete b 








Cancel 





5 All of the OES Services patterns that were previously installed are selected by default. 


Ensure that the patterns for the services you are upgrading are selected, and select the patterns 
for any new OES Services patterns that you might want to also install, such as Novell AFP or 
Novell CIFS. 


A description of each pattern displays to the left of the pattern when it is selected. For a 
description of OES Services patterns and the components selected with each pattern, see Table 
2-4 on page 29. 


Some OES services, such as Novell CIFS and Novell Samba are not supported together on the 
same server. For more information about unsupported service combinations, see “Unsupported 
Service Combinations” in the OES 2 SP2: Planning and Implementation Guide. 





IMPORTANT: If you deselect a pattern after selecting it, you are instructing the installation 
program to not install that pattern and all of it dependent patterns. Rather than deselecting a 
pattern, click Cancel to cancel your software selections, then click the Select Patterns heading 
again to choose your selections again. 


Selecting only the patterns that you want to install ensures that the patterns and their dependent 
patterns and packages are installed. 


If you click Accept, then return to software pattern selection page, the selections that you made 
become your base selections and must be deselected if you want to remove them from the 
installation proposal. 


Be aware also that attempting to uninstall a service by deselecting its pattern is not 
recommended. For more information, see Chapter 13, “Disabling OES 2 Services,” on 
page 209. 
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Selecting a pattern automatically selects the other patterns that it depends on to complete the 


installation. 





to define this system's 
tasks and what 
software to install. 
Available tasks and 
software for this 
system are shown by 
category in the left 
column. To view a 
description for an 
item, select it in the 
list. 


Change the status of 
an item by clicking its 
status icon or 
right-click any icon for 
a context menu. With 
the context menu, you 
can also change the 
status of all items. 


Details opens the 
detailed software 
package selection 
where you can view 
and select individual 
software packages. 


The disk usage 
display in the lower 
right corner shows the 
remaining disk space 
after all requested 
changes will have 
been performed. Hard 
disk partitions that are 
full or nearly full can 
denrade svstem 
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f [37% 34GB 576GB 9.0GB 
boot Woo] 9% 8.7 MB 80.7 MB 89.4 MB 











6 If you want to see the details of your selections, click Details. 
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nici - NICI US and Worldwide (128 bit) Crypto 


This package provides Cryptographic Services to Novell services and is based on 
BSAFE 5.2.1 (C) RSA 2000. 

















Check | |_| Autocheck 


Cancel | Accept 


7 When you have the software components selected that you want to install, click Accept. 


8 (Conditional) If the prompt for the AGFA Fonts license displays, read the agreement, then click 


Accept. 


9 (Conditional) If you decided to delete unmaintained packages in Section 5.4.9, “Reviewing the 
Delete Unmaintained Packages Notification,” on page 128, the notification appears again. 


Click OK. 
10 
11 
12 
13 


(Conditional) If the prompt for Automatic Changes displays, click Continue. 
(Conditional) If prompted, resolve any dependency conflicts. 

If the Update Options dialog displays again, click Accept. 

Continue with “Accepting the Installation Settings” on page 132. 


5.4.11 Accepting the Installation Settings 


1 Review the final Installation Settings page to ensure that you have all the Installation settings 
you desire. Make sure that it shows all the OES Services that you want to update and install. 


2 After you have changed all the Installation Settings as desired, click Accept. 
3 Inthe Confirm Update dialog, click Start Update. 


132 OES 2 SP2: Installation Guide 





Confirm Update 


All information required to perform an update is now complete. 


If you continue now, data on your hard disk will be overwritten according to the settings in the 
previous dialogs. 


Go back and check the settings if you are unsure 





Start Update 





The base installation settings are applied and the packages are installed. 


4 While the server is updating the files, do one of the following: 


¢ For installations using a network installation source, remove the boot CD 
(SUSE Linux Enterprise Server 10 SP2 CD 1) from the CD drive. 


¢ For installations using a CD or DVD installation source, leave the CD or DVD in the CD- 
ROM or DVD drive. When the installation process prompts you for each CD at the 
appropriate time, insert the CD. The progress status at the bottom of the screen indicates 
which CD will be prompted for next. 


5 After the server reboots, continue with “Specifying Configuration Information” on page 54. 





TIP: If you have the disk driver situation mentioned in Step 7 on page 127, your server will 
boot to a prompt for the root password. Specify the password, and then use an editor such as VI 
to modify the /etc/fstab file so that the path to the boot partition uses sda instead of hda. Then 
reboot the server. The upgrade should continue normally. 





5.4.12 Specifying Configuration Information 


When the server reboots, you are required to complete the following configuration information: 


5 


+ 


+ 


+ 


+ 


+ 


“Testing the Connection to the Internet” on page 133 

“Specifying Novell Customer Center Configuration Settings” on page 134 
“Updating the Server Software During the Upgrade” on page 136 
“Upgrading eDirectory” on page 139 

“Specifying LDAP Configuration Settings” on page 140 


“Configuring Novell Open Enterprise Server Services” on page 141 


Testing the Connection to the Internet 


On the Test Internet Connection page: 


1 


Select Yes, Test Connection to the Internet, then click Next. 
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Obtaining the latest SUSE release notes might fail at this point. If it does, view the log to verify 
that the network configuration is correct, then, click Next. 


If the network configuration is not correct, click Back > Back and fix your network 
configuration. See “Network Interface” on page 55. The most common problem is that a valid 
DNS server is specified. 


2 Or, you can skip this test by clicking No, Skip This Test; however, most OES services 
configuration require a connection to the Internet. 


Skipping this test also skips downloading release notes, configuring the Novell Customer 
Center, and updating online. 


3 Continue with “Specifying Novell Customer Center Configuration Settings” on page 134. If 
you skip this test, continue with “Upgrading eDirectory” on page 139. 
Specifying Novell Customer Center Configuration Settings 


To receive support and updates for your OES 2 SP2 server, you need to register it in the Novell 
Customer Center (NCC). When the Novell Customer Center Configuration page is displayed, you 
have three options: 


* “Updating a Registered Server” on page 134 
+ “Registering the Server Later / Skipping a Registered Server Update” on page 134 
* “Registering the Server During the Upgrade” on page 134 

Updating a Registered Server 


1 Ifyou have already registered your OES 2 server and you want to download the available 
patches, which is recommended, leave Configure Now selected and click Next. 


YaST contacts the server (which might take a few minutes) and then downloads the available 
patches. 


2 Goto Step 7 on page 136. 
Registering the Server Later / Skipping a Registered Server Update 
To register the server later or to skip the update process for a registered server: 


1 Click Configure Later. 
2 Continue with “Upgrading eDirectory” on page 139. 


3 Register the server after the installation is complete by using the procedures in Section 7.3, 
“Registering the Server in the Novell Customer Center,” on page 151. 


Registering the Server During the Upgrade 
To register the server during the upgrade: 
1 On the Novell Customer Center Configuration configuration page, select all of the following 
options, then click Next. 
Option What it Does 


Configure Now Proceeds with registering this server and the SLES 10 SP3 and OES 
product in the Novell Customer center. 
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Option What it Does 


Hardware Profile Sends the information to the Novell Customer Center about the hardware 
that you are installing SLES 10 SP1 and OES 2 on. 





Optional Information Sends optional information to the Novell Customer Center for your 
registration. For this release, this option doesn’t send any additional 
information. 





Registration Code Makes the registration with activation codes mandatory. 





Regularly Synchronize Keeps the installation sources for this server valid. It does not remove any 
with the Customer installation sources that were manually added. 
Center 


2 After you click Next, the following message is displayed. Wait until this message disappears 
and the Manual Interaction Required page displays. 


Contacting server 


This may take a while 





3 On the Manual Interaction Required page, note the information that you will be required to 
specify, then click Continue. 


4 On the Novell Customer Center Registration page, specify the required information in the 
following fields, then click Submit: 


Field Information to Specify 


Email Address The e-mail address for your Novell Login account. 





Confirm Email Address The same e-mail address for your Novell Login account 


Activation Code for Specify your purchased or 60-day evaluation registration code for the 
SLES Components SLES 10 product. 
(optional): 
If you don’t specify a code, the server cannot receive any updates or 
patches. 
Activation Code for Specify your purchased or 60-day evaluation registration code for the OES 
OES Components 2 product. 
(optional): 
If you don’t specify a code, the server cannot receive any updates or 
patches. 
System Name or The hostname for the system is specified by default. If you want to change 


Description (optional): this to a description, for the Novell Customer Center, specify a description 
to identify this server. 


5 When the message to complete the registration displays, click Continue. 
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Mozilla Browser 


Novell Customer Center System Registration 


File Edit View Go 


#990 


To complete the process of registering this system and getting access to online updates, you need to finish the 
registration process. To proceed, click the Continue button 


To change the registration or subscription information for this system, you can log in to the Novell Customer Center at 
any time using the same credentials that you use to log in to your Novell Login account. You can access the Novell 
Customer Center at http./www_novell.com/center 


If you do not yet have a Novell Login account, please create one and make sure that you use the same e-mail address 
that you used when registering this system 


To create the Novell Login account, access the Novell web site at http:/Amww.novell.com/createaccount 





For your convenience, you will be sent a follow up e-mail with this information 


Continue » 


N 


© 208 Novell, Inc. All Rights Reserved 


6 After you click Continue, the following message is displayed with the Manual Interaction 
Required screen. Wait until this message disappears and Novell Customer Center 
Configuration page displays with the message that Your configuration was successful. 


Contacting server... 


This may take a while 





7 When you see the message Your configuration was successful on the Novell Customer 
Center Configuration, click OK. 


Novell Customer Center Configuration 


Your configuration was successful. 


An update server has been added to your configuration. 





| Details... | 








8 Continue with “Updating the Server Software During the Installation” on page 60. 


Updating the Server Software During the Upgrade 


If you have a successful connection to the Internet and have registered the server in the Novell 
Customer Center, the server displays the Online Update dialog. You can run the online update now 
or skip it and get updates later. 
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To skip getting updates during the upgrade 


1 On the Online Update page, click Skip Update. 
2 Continue with “Upgrading eDirectory” on page 139. 


To get updates during the upgrade: 


1 On the Online Updates page, click Run Update. 





Preparation È 
Y Language 4, Online Update 








Y Sy y 
V System for Update 
V Add-On Products 


Update 

V Add-On Products 
V Update Summary 
V Perform Update 


Configuration 
Perform Update 
Network 

Customer Center 
Online Update 
OES Configuration 
Clean Up Run Online Update now? 


EEE TERS 


Release Notes ©) Run Update 
Skip Update 











Help Back 





2 On the page that shows that updates are available, select the updates that you want to install, 
then click Accept. The check marks that are shown in the summary column of the patches list 
are the patches that have already been installed on your system. 
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[Rj MozillaFirefox Mozilla Firefox Web Brows 
Mozilla Firefox-translations Translations for MozillaFire! 






L_| 
z 


CE 















s Security update for MozillaFirefox security 
LÌ slesp2-apache2 Security update for Apache 2 security 
O slesp2-bind Security update for bind security 
O slesp2-bytefx-data-mysq! Security update for Mono security 
o slesp2-bzip2 «f Security update for Linux kernel security 
[i] slesp2-cups «f Security update for CUPS security 
O slesp2-freetype2 Security update for freetype2, security 
O slesp2-gec ko-sdk Security update for gecko-sdk and mozilla-xulrunner security 
o slesp2-gnutls Security update for GnuTLS 


security 
security S 


Show Path Category: | Installable Patches [ X 


Oo slesp2-hplip «f Security update for hplip 





















Patch Description 











Description | Technical Data | Dependencies «| 


MozillaFirefox - Mozilla Firefox Web Browser 





slesp2-MozillaFirefox - Security update for Mozilla Firefox 








This update brings the Mozilla Firefox browser to version 2.0.0.18. 
H fixes following security issues. 


CVF-200NP.-MNN17 / MESA 20-54 








Mozilla Firefox, formerly known as Phoenix and 
Firebird, is a redesign of the Mozilla browser 


component, similar o Galeon, K-Meleon and 
Camino, but writen using the XUL user interface 
language and designed to be cross-platform. H is a 
stand-alone application instead of pari of the 
Mozilla Application Suite. 


= 





I (34% 34GB 64GB 98GB 
iboot II] 9% 90 ME 897 MB 98.7 MB 





























3 When you see the message, Installation finished on the Patch Download and Installation 
page, click Next. 


B Patch Download and Installation 
Language 


License Agreement 


v 
v 
4 System Analysis 
v 
v 





System for Update Progress Log 
Add-On Products Retrieving libzypp...Installing /rpm/x86_64/libeypp-2.32.3-0.4.x86_64.rpm: "Package, Patch, Pattern, and Product 
Management’ OK 
Update Installation finished 
V Add-On Products 
WV Update Summary 
V Perform Update 


Configuration 
Perform Update 
Network 

Customer Center 
Online Update 
OES Configuration 
Clean Up 

Release Notes 


OEE EE 





Package Installation Progress 























{Help 





4 Ifthe update makes changes to YaST, the following message displays. Click OK to restart 
YaST. 
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Packages for package management were updated 
Finishing and restarting now. 





If the installation was interrupted, the following message might display. If so, click Yes to 
continue with the installation and enter the root password. 


Starting Installation... 


The previous installation has failed. 
Would you like it to continue? 


Note: You may have to enter some information again. 





5 The online update displays again with additional updates. If a patch has changes to the kernel, 
you might want to deselect it and install it later after the installation is complete. For 
procedures, see “Updating (Patching) an OES 2 SP2 Server” on page 149. 


If you do install patches that have changes to the kernel, click OK when you see the following 
message. 


The kernel has been updated. The system will 
reboot now then continue the installation. 





6 After all the patches are installed, continue with “Upgrading eDirectory” on page 139. 


Upgrading eDirectory 
OES 2 SP2 includes eDirectory 8.8.4. 
1 When the following dialog appears, click Upgrade. 


OES 1.0 eDirectory database (DIB) and config file found 


eDirectory has been previously installed and configured on this system (OES 1.0, SLES 9) 
Select upgrade to upgrade eDirectory to the current version. 





Upgrade 


2 On the eDirectory Upgrade - Existing Server Information page, type the Admin password. 


3 Ifyou are upgrading from OES 1 SP2 and you don’t have a third-party CA certificate installed 
on the server, you should consider selecting the Use eDirectory Certificates for HTTPS 
services. For more information, see the explanation in the installation instructions, Step 3 on 
page 66, and the information in “Certificate Management” in the OES 2 SP2: Planning and 


Implementation Guide. 
4 On the Novell Modular Authentication Service page, click Next. 
5 Continue with with “Specifying LDAP Configuration Settings” on page 140. 
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Specifying LDAP Configuration Settings 


Many of the OES services require eDirectory. If eDirectory was not selected as a product to upgrade 
or install but other OES services that do require LDAP services were installed, the LDAP 
Configuration service displays expecting you to in complete the required information. 


To specify the required information on the Configured LDAP Server page: 
1 Inthe eDirectory Tree Name field, specify the name for the existing eDirectory tree that you are 


installing this server into. 


2 Inthe Admin Name and Context field, specify the name and context for user Admin on the 
existing tree. 


3 Inthe Admin Password Name field, specify a password for user for user Admin on the existing 
tree. 


4 Add the LDAP servers that you want the services on this server to use. The servers that you add 
should hold the master or a read/write replica of eDirectory. Do the following for each server 
you want to add. 


Aa Click Add. 

4b On the next dialog, specify the following information for the server to add, then click Add. 
* IP Address 
* LDAP port and secure LDAP port 





LDAP Server Configuration ~ | Configured LDAP Servers 
Use this dialog to specify 
eDirectory LDAP server 
information for the OES services 
you install on this server. 


eDirectory Tree Name 
Specify the eDirectory tree that 
you are installing this server into. 


Admin Name and Context 
Specify the fully distinguished, 
typeful name of a user with 
administrative rights in the tree. 
Use LDAP format 

For example. 
en=admin,o=organization 


Admin Password eDirectory Tree Name 








Specify the password for the 9-tree 

eDirectory Admin user. Admin name and context 
Configured LDAP Servers cn=admin.o=novell 

The eDirectory LDAP servers Admin password 


listed in this table are servers that 
can be used to configure other 
OES services on this server. Configued LDAP Servers 
Each added server must have 
elther the master or a readAwrite IP Address LDAP Port Secure LDAP Port Server 
replica of the eDirectory tree. The 192.65.47.12 389 636 remote 
first server added to the list 
becomes the default server for 
the installed and configured OES 
services to use. 


ere 


If you are creatng a new tree, the «] «| 
server you are installing has the 
master replica. 


If you are installing into an 
existing tree, this server might not 
have a replica copied to it, 
depending on the tree 
configuration. For details, see the 
eDirectory 8.8 documentation 
http://www.novell.com/doc 
Add 

Click this option to add an 


eDirectory LDAP server to the 
Configured LDAP Servers table 


This opens an additional dialog 











Back Abort Next 
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5 When all the LDAP servers that you want to specify are listed, click Next. 


6 Continue with “Configuring Novell Open Enterprise Server Services” on page 141. 


Configuring Novell Open Enterprise Server Services 


1 After you complete the LDAP configuration or eDirectory configuration, the Novell Open 
Enterprise Server Configuration summary page is displayed, showing all the OES components 
you updated and installed and their configuration settings. Review the setting for each 
component and click the component heading to change any settings. 


Preparation 


T) Novell Open Enterprise Server Configuration 


Language 





License Agreement 


System for Update 


Add-On Product 


v 
v 
V System Analysis 
7 Skip Configuration 


@) Use Following Configuration 


Update 
V Add-On Products 
Y Update Summary LDAP Configuration for Open Enterprise Services 


e J 
V Perform Update Reconfigure is disabled 


Configuration 








eDirecto 
V Perform Update shirectony 
V Network Configure is enabled 
V Cusiomer Centr 
V Online Update * Admin Name: cn=admin.o=company 
> OES Configuration * Path io nds.conf file: /etc/opi/novell/eDirectory/confinds.conf 
* NMAS Login:CeriMutual: no 
e Clean Up 
* NMAS Login:Challenge Response: yes 
ac oes * NMAS Login:DIGEST-MDS: no 
* NMAS Login:NDS: yes 
* NMAS Login:Simple Password: no 
* NMAS Login:SASL GSSAPI Password: no 
iManager 
Configure is enabled 
Linux User Management 
Configure is enabled 
* LDAP admin name with context: cn=admin,o=company 
* LDAP server IP address: 137.65.66.133 
Change... v 
Help Back | Abort | Next | 


When specifying the configuration information for OES services, see the information in 
“Guidelines for Configuring OES 2 SP2 Components” on page 73. 


2 When you are satisfied with the settings for each component, click Next. 


3 When confirming the OES component configurations, you might receive the following error: 





The proposal contains an error that must be resolved before continuing. 


If this error is displayed, check the summary list of configured products for a message 
immediately below each product heading that indicates the product or service needs to be 
configured. If you are running the YaST graphical interface, the text appears red. If you are 
installing using the YaST text-base interface, it is not red. 


For example, if you have selected Linux User Management in connection with other OES 
products or services, you might see a message similar to the following: 


Linux User Management needs to be configured before you can continue or 
disable the configuration. 
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If you see a message like this, do the following: 
3a On the summary page, click the heading for the component. 
3b Supply the missing information in each configuration page. 


When specifying the configuration information for OES services during the upgrade, see 
the information in “Guidelines for Configuring OES 2 SP2 Components” on page 73. 


When you have finished the configuration of that component, you are returned to the 
Novell Open Enterprise Server Configuration summary page. 


3c If you want to skip the configuration of a specific component and configure it later, click 
Enabled in the Configuration is enabled status to change the status to Configuration is 
disabled. 


If you change the status to Configuration is disabled, you must configure the OES 
components after the installation is complete. See “Installing/Configuring OES 2 SP2 on 
an Existing Server” on page 107. 


4 After resolving all product configuration problems, click Next to proceed with the 
configuration of all services and installation of iManager Plug-ins. 


5 When the Readme page displays, click Next and continue with Section 5.5, “Finishing the 
Upgrade,” on page 142. 


5.5 Finishing the Upgrade 


After a successful configuration, YaST shows the Installation Completed dialog. In this dialog, do 
the following: 
1 Deselect Clone This System for Auto YaST. Cloning is selected by default. 
This will increase the speed of finishing the installation update. 


AutoYaST is a system for automatically installing one or more SUSE Linux Enterprise systems 
without user intervention. Although you can create a profile from a system that has been 
upgraded, it will not work to upgrade a similar system. 


2 Finish the upgrade by clicking Finish in the Installation Completed dialog. 


3 Ifyou have upgraded a server that has NSS pools and volumes on the system device (the device 
that contains the root (/), /boot, and swap partitions), you must do the following: 


3a Verify that the /etc/fstab file is correct. For example, make sure that the path to /boot 
is complete—/dev/evms/sdal (or hda1) and not just /dev/evms. If the path to the / 
boot partition is incomplete or doesn’t contain /evms, change it and save the fstab file. 


3b Open a terminal and run the following command to ensure that the initrd file is correctly 
created: 


mkinitrd -f evms 


3c Reboot the server before continuing with “Verifying That the Upgrade Was Successful” on 
page 143. 


142 OES 2 SP2: Installation Guide 


A script runs automatically during the OES 2 SP2 Linux upgrade to install and enable 
boot.evms. 


These changes are applied when you reboot your system after the upgrade is completed. 
Make sure that you reboot after the upgrade and before you do anything that would alter 
the changes made in this step. 


4 After the server completes the upgrade, continue with “Verifying That the Upgrade Was 
Successful” on page 143. 


5.6 Verifying That the Upgrade Was Successful 


One way to verify that your OES server upgrade was successful and that the components are loading 
properly is to watch the server boots. As each component is loaded, the boot logger provides a status 
next to it indicating if the component is loading properly. 


You can also quickly verify a successful installation by accessing the server from your Web browser. 


1 Inthe Address field of your Web browser, enter the following URLs: 
http://IP_or_DNS 
where /P_or_DNS is the IP address or DNS name of your OES server. 


You should see a Web page displayed similar to the following: 





Home 

Management Services 
Client Software 

Novell Customer Center 
Documentation 


Services & Support 
Partners & Communities 


Novell Open Enterprise Server 2 Support Pack 2 


Novell Open Enterprise Server provides secure, reliable and highly available workgroup services in an open 
environment that's easy to deploy and manage. It meets the needs of workgroups large and small by 
delivering proven networking, communication and collaboration capabilities. Unlike other server platforms that 
force vendor lock-in or can't meet enterprise needs, Novell Open Enterprise Server delivers advanced 
workgroup services in an open, flexible environment. Novell Open Enterprise Server combines services from 
Novell, the trusted leader for secure networking services, with SUSE Linux Enterprise Server, the leading 
open platform for supporting solutions for your mission-critical needs. (> 


Virtualize NetWare 


Consolidate your 
NetWare by running it 
virtualized 


Virtualize NetWare 
Getting Started + 


More about Xen 
virtualization + 


Migrate to Linux 


Migrate your NetWare 
services to Linux 


Migrate to Linux: Getting 
Started + 





+ Get Trained 


Need to update your 
skills? Let Novell help 
you stay ahead 


Want to transition your 
NetWare skills to Linux? 
Start here + 


Find Linux counterparts 
for your favorite NetWare 
commands + 


in Novell 
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2 (Optionally) If you want to look at the eDirectory tree and begin to see how iManager works, 
click the Management Services home page, click Management Tools > iManager, and then log 
in as user Admin (the user you created during product installation). 


You can also access iManager by typing the following URL in a browser window and logging 
in as user Admin: 


http://IP or DNS name/nps/iManager.html 
3 Continue with “What's Next” on page 144. 


5.7 What's Next 


After you've completed the upgrade and verified that it was successful, see “Completing OES 
Installation or Upgrade Tasks” on page 145 and “Updating (Patching) an OES 2 SP2 Server” on 
page 149. 
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Completing OES Installation or 
Upgrade Tasks 


This section provides information for completing the following tasks: 


¢ Section 6.1, “Determining Which Services Need Additional Configuration,” on page 145 
* Section 6.2, “Rebooting the Server after Installing NSS,” on page 147 

* Section 6.3, “Resolving the Certificate Store Error,” on page 147 

* Section 6.4, “Restarting Tomcat,” on page 147 


¢ Section 6.5, “Launching and Configuring Firefox,” on page 148 


6.1 Determining Which Services Need Additional 
Configuration 





NOTE: For information on configuring OES services as a different administrator than originally 
installed the OES server, see Section 2.5.3, “Adding/Configuring OES Services As a Different 
Administrator,” on page 21. 





Depending on the products you have installed, there might be some tasks that you must complete 
before you can use individual service components. 


For more information, see “Caveats for Implementing OES 2 Services” in the OES 2 SP2: Planning 
and Implementation Guide. 


If a component requires additional configuration that is not part of the Novell® Open Enterprise 
Server (OES) 2 Linux installation, see the component's administration guide for more information. 
The following table include links to the Installation and Configuration information for most OES 2 
SP2 services. 


Table 6-1 OES 2 SP2 Services Additional Installation and Configuration Instructions 


For Additional Installation and Configuration 


OES 2 SP2 Service x 
Information 


Domain Services for Windows See “Installing Domain Services for 
Windowslnstalling and Setting Up AFP” in the OES 
2 SP2: Domain Services for Windows 
Administration Guide. 





Novell AFP See “Installing and Setting Up AFP” inthe OES 2 
SP2: Novell AFP For Linux Administration Guide. 





Novell Archive and Version Services See “Setting Up Archive and Version Services ” in 
the OES 2 SP1: Novell Archive and Version 
Services 2.1 for Linux Administration Guide. 
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OES 2 SP2 Service 


Novell Backup/Storage Management Services 


For Additional Installation and Configuration 
Information 


See “Installing and Configuring SMS” in the OES 2 





(SMS) SP1: Storage Management Services Administration 
Guide. 
Novell CIFS See “Installing and Setting Up AFPInstalling and 


Setting Up CIFS” in the OES 2 SP2: Novell CIFS 
for Linux Administration Guide. 





Novell Cluster Services™ 


See “Installing Novell Cluster Services on OES 2 
Linux” in the OES 2 SP2: Novell Cluster Services 
1.8.7 for Linux Administration Guide. 





Novell DHCP 


See “Installing and Configuring DHCP ” in the OES 
2 SP2: Novell DNS/DHCP Administration Guide for 
Linux. 





Novell DNS 


See “Installing and Configuring DNS ” in the OES 2 
SP2: Novell DNS/DHCP Administration Guide for 
Linux. 





Novell eDirectory™ 8.8 


See “Installing or Upgrading Novell eDirectory on 
Linux” in the Novell eDirectory 8.8 Installation 
Guide. 





Novell iFolder® 3.8 


When you configure iFolder as part of the OES 
install and configuration, you can specify only an 
EXT3 or ReiserFS volume location for the System 
Store Path, which is where you are storing iFolder 
data for all your users. You cannot create NSS 
volumes during the system install. 


If you want to use an NSS volume to store iFolder 
data, you must reconfigure iFolder after the initial 
OES installation. To reconfigure, use Novell 
iManager to create an NSS volume, then go to 
YaST > Open Enterprise Server > Install and 
Configure Open Enterprise Services and select 
iFolder 3.6 to enter new information. All previous 
configuration information is removed and replaced. 


See “Installing and Configuring iFolder Services” in 
the Novell iFolder 3.8 Administration Guide. 





Novell iManager 2.7.2 


Novell iPrint 


See “Installing IManager” in the Novell iManager 
2.7 Installation Guide. 


See “Installing and Setting Up iPrint on Your 
Server” in the OES 2 SP2: iPrint for Linux 
Administration Guide. 





Novell Linux User Management 


See “Setting Up Linux User Management” in the 
OES 2 SP2: Novell Linux User Management 
Technology Guide. 





Novell NCP™ Server 
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See “Installing and Configuring NCP Server for 
Linux” in the OES 2 SP2: NCP Server for Linux 
Administration Guide. 


For Additional Installation and Configuration 


OES 2 SP2 Service A 
Information 


Novell NetStorage See “Installing NetStorage” in the OES 2 SP2: 
NetStorage for Linux Administration Guide. 





Novell QuickFinder™ See “Installing QuickFinder Server” in the OES 2: 
Novell QuickFinder Server 5.0 Administration 
Guide. 





Novell Remote Manager See “Changing the Configuration” in the OES 2 
SP2: Novell Remote Manager for Linux 
Administration Guide. 





Novell Samba See “Installing the Novell Samba Components” in 
the OES2 SP2: Samba Administration Guide. 





Novell Storage Services™ See “Installing and Configuring Novell Storage 
Services” in the OES 2 SP2: NSS File System 
Administration Guide. 





Pre-Migration Server See “Preparing for Transfer ID” in the OES 2 SP2: 
Migration Tool Administration Guide. 


6.2 Rebooting the Server after Installing NSS 


If you install NSS on an existing OES server, enter rcnovell-smdrd restart at the command 
prompt or reboot the server before performing any backups, restores, or server consolidations on the 
NSS file system. 


6.3 Resolving the Certificate Store Error 


After installing OES, you might receive the following error: 
Warning - Unable to change the group owner of the certificate store to www 


To resolve this error, run the chgrp command on the /opt/novell/lib/java2/jre/lib/ 
security/cacerts certificate file using the following command in a command shell: 


chgrp www /opt/novell/lib/java2/jre/lib/security/cacerts 


6.4 Restarting Tomcat 


If you install IManager after the server has been installed, Tomcat is not running and you must 
restart it to run iManager. 


To restart Tomcat, enter the following command at a commandline prompt. 


/etc/init.d/tomcat5 restart 
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6.5 Launching and Configuring Firefox 


After upgrading from OES 2 to OES 2 SP2, you need to launch and configure Mozilla* Firefox* 
before accessing other applications via a URL. 


For example, you cannot configure the Novell Customer Center from the YaST until Firefox is 
configured. 


To configure Firefox, 
1 On the GNOME desktop, click Computer > Firefox. 
or 
On the KDE desktop, click the Main Menu icon > Browse > Web Browser > Firefox. 


2 Configure the browser. 
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Updating (Patching) an OES 2 SP2 
Server 


Updating an Novell® Open Enterprise Server (OES) 2 Linux server is essentially the same as 
updating a SUSE® Linux Enterprise Server (SLES) 10 SP3 server except that you apply patches for 
both SLES 10 SP3 and OES 2 SP2. 


To update your server with the patches released from Novell requires you to perform the following 
tasks during the installation or upgrade or after the installation or upgrade is complete. The 
instructions in this section are for patching the server after the installation or upgrade is complete. 

¢ Section 7.1, “Overview of Updating (Patching),” on page 149 

* Section 7.2, “Preparing the Server for Updating,” on page 150 

¢ Section 7.3, “Registering the Server in the Novell Customer Center,” on page 151 

¢ Section 7.4, “Updating the Server,” on page 155 

* Section 7.5, “Verifying That Your Channel Subscriptions Are Up to Date,” on page 161 

* Section 7.6, “Frequently Asked Questions about Updating,” on page 162 

* Section 7.7, “Patching From Behind a Proxy Server,” on page 163 

* Section 7.8, “Quick Path Updating,” on page 163 


7.1 Overview of Updating (Patching) 


¢ Section 7.1.1, “The Patch Process Briefly Explained,” on page 149 
* Section 7.1.2, “Update Options,” on page 150 


7.1.1 The Patch Process Briefly Explained 


The OES 2 patch process consists of the following processes: 
1. The patch tool (rug, Software Updater, or YaST Online Update [YOU]) checks for available 
patches on its configured patch channels and displays them for selection. 
2. The patch administrator selects which patches to apply. 


3. The patch tool checks cross-dependencies and displays any messages regarding situations or 
conflicts that require administrator input. 


4. The patches are downloaded. 


If any downloading patches contain information or instructions, these are displayed for 
administrator acknowledgement. For example, administrators might be instructed to restart a 
service or run a configuration script file to complete the process after the patch process 
completes. 


5. After all of the messages have been acknowledged, the downloaded patches are installed. 


6. Ifthe kernel was updated, the administrator is prompted to restart the server. 
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7.1.2 Update Options 


OES 2 administrators have three options for updating servers with patches from Novell. 


+ ZENworks Linux Management (ZLM): Is an enterprise level product that requires a separate 
license. It provides updates for SUSE Linux Enterprise, OES, and Red Hat* Enterprise Linux 
(RHEL) products. In addition to hosting updates for download it is also capable of pushing 
them to targeted devices through a single Web interface. For more information about ZLM see 
the ZLM Product Page on Novell.com (http://www.novell.com/products/zenworks/ 
linuxmanagement/). 


¢ Subscription Management Tool (SMT) for SUSE Linux Enterprise: This product doesn’t 
require a separate license. It lets you host patches from the Novell online update channel on an 
internal server, providing more security and greatly reducing Web traffic related to server 
updates. SMT is available for download on the Novell Download Site (http:// 
download.novell.com/Download?buildid=5YxjWD8_ZZk~). 


* Novell Online Update Servers: For those who don’t require an internal update source, OES 2 
servers can be easily configured to access the online patch channel directly. Instructions for 
doing this are included in the sections that follow. 


7.2 Preparing the Server for Updating 


1 Make sure you have installed all the services that you need on the server. 
2 Before starting your update, make note of the root partition and available space. 


If you suspect you are running short of disk space, secure your data before updating and 
repartition your system. There is no general rule of thumb regarding how much space each 
partition should have. Space requirements depend on your particular partitioning profile and 
the software selected. 


The df -h command lists the device name of the root partition. In the following example, the 
root partition to write down is /dev/hda2 (mounted as /). 


Example: List with df -h. 


tit” # df -h 

Filesystem Size Used Avail Use? Mounted on 
#dev/hdb2 1866 2,96 183G 2% 

udev 506M 204K SOBM 12 /dev 

tit” # ] 


In particular, ensure that you have enough space where the update process downloads all the 
updates to in /var/cache/zmd/. 


Depending on the number of patches that you are going to apply, you might need about 3 GB 
for OES 2 SP2. 


3 Before updating the server, secure the current data on the server. 


Copy all configuration files to a separate medium, such as a streamer, removable hard disk, 
USB stick, or ZIP drive, to secure the data. This primarily applies to files stored in /etc as well 
as some of the directories and files in /var and /opt. You might also want to write the user 
data in /home (the HOME directories) to a backup medium. Back up this data as root. Only 
root has read permission for all local files. 
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7.3 Registering the Server in the Novell 
Customer Center 


Before you can patch an OES 2 SP2 server with updates from Novell, you must register the server 
either during installation or later by using the instructions in this section. 


If you register using evaluation codes, your server can receive patches for only 60 days, at which 
point the codes expire. You need to register each server with the Novell Customer Center only once. 
After you have registered the server, you can update the server at any time. This includes replacing 
evaluation codes with purchased codes. You can use the desktop interface (GUI) or command line 
commands to accomplish this task. 


This section contains the following information: 


¢ Section 7.3.1, “Prerequisites,” on page 151 


¢ Section 7.3.2, “Registering the Server in the Novell Customer Center (Command Line),” on 
page 151 


¢ Section 7.3.3, “Registering the Server in the Novell Customer Center (GUI),” on page 152 


7.3.1 Prerequisites 


To complete these procedures, you must have the following: 
* A Novell Customer Center (NCC) account or access to an account. 


For more information about creating a Novell Customer Center account, see “Creating an 
Account” in the Novell Customer Center User Guide (http://www.novell.com/documentation/ 
nec/ncc/data/b5exp8k.html#b5exj2f). (This is the same account that you use for Bugzilla.) 


¢ The activation codes for SLES and OES 2 SP2 that you received when you purchased your 
product. 


* An installation source that contains the update patches. 


An installation source is automatically added to the server when you register with the Novell 
Customer Center or you can add a different source manually. 


* Anestablished connection to the Internet. 


7.3.2 Registering the Server in the Novell Customer Center 
(Command Line) 
Do the following to register a new server or to replace evaluation activation codes with standard 
codes. 

1 Log in to the server as root or su to root 

2 At the command line, enter 


suse register -a email=email_address -a regcode- 








sles=SLES registration code -a regcode-oes=oes2 registration code 
For example, 


suse register -a email=joe@example.com -a regcode-sles=4adab769abc68 -a 
regcode-oes=30a74ebb94fa 
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IMPORTANT: If you are replacing evaluation codes with purchased codes, simply enter the 


codes. No further action is required. 





3 Verify that the server is registered by seeing whether you have the service types and catalogs 


needed for updates. 


3a 


To verify the service type, enter 
rug sl 


The results should be similar to the following: 


linux?” # rug sl 


# | Status | Type | Name | URI 

--+-------- +------ + 4+----------------------- 
1 | Active | ZYPP | SUSE Linux Enterprise Server 10 SP1 | http://192,65,48,6,,, 
2 | Active | ZYPP | Novell Open Enterprise Server 2 | ftp://192,65,44,13,.. 
3 | Active | NU | httpst//nu,novell,com | https?//nu,novell,com 


linux:” # Jf 


The URIs you see for the ZYPP type will differ based on your installation source. 


3b To verify the catalogs, enter 


rug ca 


The results should be similar to the following: 


Sub'd? | Name | Service 
Leann year ar SONU APES ABE A ANARU TEGSA EETA ATI STA SE ee 
Yes | SUSE Linux Enterprise Server 10 SP1 | SUSE Linux Enterprise Server 10 SP1 
Yes | Novell Open Enterprise Server 2 | Novell Open Enterprise Server 2 
Yes | SLES10-SP1-Updates | httpst//nu,novell,com 

| SLE10-SP1-Debuginfo-Updates | httpst//nu,novell,com 
Yes | DES2-Updates | httpst//nu,novell.com 


7.3.3 Registering the Server in the Novell Customer Center 


(GUI) 


1 In the YaST Control Center, click Software > Novell Customer Center Configuration. 


2 On the Novell Customer Center Configuration configuration page, select all of the following 
options, then click Next. 


Option 


Configure Now 


What it Does 


Proceeds with registering this server and the OES product with the Novell 
Customer Center. 





Hardware Profile 


Sends the information to the Novell Customer Center about the hardware 
that you are installing SLES 10 SP1 and OES 2 on. 





Optional Information 


Registration Code 
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Sends optional information to the Novell Customer Center for your 
registration. For this release, this option doesn’t send any additional 
information. 


Makes the registration with activation codes mandatory. 


Option What it Does 


Regularly Synchronize Keeps the installation sources for this server valid. It does not remove any 
with the Customer installation sources that were manually added. 
Center 


After you click Next, the following message is displayed. Wait until this message disappears 
and the Manual Interaction Required page displays. 


Contacting server 


This may take a while 





3 On the Manual Interaction Required page, note the information that you will be required to 
specify, then click Continue. 


4 On the Novell Customer Center Registration page, specify the required information in the 
following fields, then click Submit: 


Field Information to Specify 


Email Address The e-mail address for your Novell Login account. 





Confirm Email Address The same e-mail address for your Novell Login account 








Activation Code for Specify your purchased or 60-day evaluation registration code for the 
SLES Components SLES SP1 product. 
(optional) 
If you don’t specify a code, the server cannot receive any updates or 
patches. 
Activation Code for Specify your purchased or 60-day evaluation registration code for the OES 
OES Components product. 
(optional) 
If you don’t specify a code, the server cannot receive any updates or 
patches. 
System Name or The hostname for the system is specified by default. If you want to change 


Description (optional) this to a description for the Novell Customer Center, specify a description 
to identify this server. 


5 When the message to complete the registration displays, click Continue. 
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Mozilla Browser 


Novell Customer Center System Registration 


File Edit View Go 


¢>80 


To complete the process of registering this system and getting access to online updates, you need to finish the 
registration process. To proceed, click the Continue button 


To change the registration or subscription information for this system, you can log in to the Novell Customer Center at 
any time using the same credentials that you use to log in to your Novell Login account. You can access the Novell 
Customer Center at http://www.novell.com/center. 


If you do not yet have a Novell Login account, please create one and make sure that you use the same e-mail address 
that you used when registering this system 


To create the Novell Login account, access the Novell web site at http:/Amwmw. novell.com/createaccount 





For your convenience, you will be sent a follow up e-mail with this information 


Continue » 


N 


© 2008 Novell, Inc. All Rights Reserved 


After you click Continue, the following message is displayed with the Manual Interaction 
Required page. Wait until this message disappears and the Novell Customer Center 
Configuration Was Successful page displays. 


Contacting server... 


This may take a while 





6 When you see the message that the Novell Customer Center was successful, click OK. 


Novell Customer Center Configuration 


Your configuration was successful. 


An update server has been added to your configuration. 





l Details... | 








When the registration is successful, the server is registered in the Novell Customer Center and the 
installation sources for patches are configured on the server. 
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7.4 Updating the Server 


After the server has been registered in the Novell Customer Center, you can apply updates via 
packages and patches. The default GNOME desktop indicates when there are updates available to 
the server. You can update the server from any of the following interfaces. 


¢ Section 7.4.1, “Updating the Server by Using the Command Line,” on page 155 
¢ Section 7.4.2, “Updating the Server from the GNOME or KDE Desktop,” on page 160 


7.4.1 Updating the Server by Using the Command Line 


After you have registered the server in the Novell Customer Center, you can update the server by 
using commands at the command line. The following procedure specifies steps for updating the 
server with all available patches for SLES 10 SP3 and OES 2 SP2. 


1 Log in to the server as root or su to root. 
2 At the command line, enter the following commands: 


2a Refresh all services: 


Command Example Results 


rug ref linux:” # rug ref 


Refreshing Services... 
an 100% 


Successfully refreshed, 
linux?” 


2b See whether updates are available for SLES 10 SP3 and OES 2 SP2: 
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Command 





rug lu catologl 
catalog2 


For example, 


rug lu SLES10- 
SP3-Updates 
OES2-SP2- 
Updates 








Example Results 


No updates are available: 


linux?” # rug lu SLES10-SP1-Updates 0ES2-Updates 
No updates are available in the specified catalogs, 
linux:” # ] 


Updates available: 





Catal 


SLES10-SP1-Updates 
OES2-Updates: 

SLES10-SP1-Updates 
SLES10-SP1-Updates 
SLES10-SP1-Updates 
DES2-Updates 

SLES10-SP1-Updates 
SLES10-SP1-Updates 
SLES10-SP1-Updates 
SLES10-SP1-Updates 
SLES10-SP1-Updates 
SLES10-SP1-Updates 
SLES10-SP1-Updates 
SLES10-SP1-Updates 
SLES10-SP1-Updates 
SLES10-SP1-Updates 
SLES10-SP1-Updates 






















bind-libs 
bind-utils 
CASA 
cifs-mount 
cpio 

cron 

cups 
cups-client 
cups-libs 
dhcp-server 
e2fsprogs 
evms 
evms-gui 
evolution-data-server 













Cee ee ee ee ee ee a ea a 


0ES2-Updates yast2-novel l-nepserver noarch 
DES2-Updates yast2-novell-nes noarch 
DES2-Updates yast2-novel l-netstorage noarch 
DES2-Updates yast2-novell-nss noarch 
0ES2-Updates yast2-novel l-quickfinder noarch 
DES2-Updates yast2-novell-responsefile noarch 
DES2-Updates yast2-novel l-samba noarch 
DES2-Updates yast2-novell-schematool noarch 
DES2-Updates yast2-novell-sms noarch 
0ES2-Updates yast2-oes-ldap noarch 
SLES10-SP1-Updates yast2-online-update noarch 





linux: # If 





2c Update the server with all available SLES10 SP2 and OES 2 SP2 patches: 


Command 


rug up -t patch 
SLES10-SP3- 
Updates OES2- 
SP2-Updates 








Results 





Linux: # rug up -t patch SLES10-SPi-Updates 0ES2-Updates 
Resolving Dependencies... 


The following packages will be installed: 
adminfs 1,0,73-3 (0ES2-Updates) 
adminfs-1,0,73-3,1586[0ES2-Updates] needed by atom;adminfs-1,0,73-3,1586[0ES2-Updates] 


CASA 1,7,1408-4 (0ES2-Updates) 
CASA-1,7,1408-4, i586[0ES2-Updates] needed by atom:CASA-1,7,1408-4,1586[0ES2-Updates] 


CASA-cli 1,7,1408-4 (0ES2-Updates) 
CASA-cli-1,7,1408-4,1586[0ES2-Updates] needed by novell-oes-dhcp-conf-1,0,0-39,1586[0ES2-Updates] 


google-perftools 0,8-8 (0ES2-Updates) 
google-perftools-0,8-8,i586[0ES2-Updates] needed by atom:google-perftools-0,8-8,1586[0E52-Updates] 


yast2-oes-trans-zh_CN 2,13,0-11 (0ES2-Updates) 
yast2-oes-trans-zh_CN-2,13,0-11,noarch[0ES2-Updates] needed by atom;yast2-oes-trans-zh_CN-2,13,0-11,noarch[0ES2-Updates] 


yast2-oes-trans-zh_TW 2,13,0-11 (0ES2-Updates) 
yast2-oes-trans-zh_TW-2,13,0-11.noarch[0ES2-Updates] needed by atom:yast2-0es-trans-zh_TW-2,13,0-11,noarch[0ES2-Updates] 


yast2-online-update 2,13,61-0,2 (SLES10-SP1-Updates) 
yast2-online-update-2.13,61-0,2,noarch[SLES10-SP1-Updates] needed by atom:yast2-online-update-2,13,61-0,2.noarch[SLES10-SP1-Updates] 


Proceed with transaction? (y/N) y 
Downloading Packages... 
eee 100% 


Transaction... 


| ——______T_ T.LI 


Transaction Finished 
linux;” # 








2d Repeat Step 2b and Step 2c until no more updates are available. 
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2e 


Command 





rug lu SLI 


OES2-SP2- 
Updates 





ES10- 
SP3-Updates 


Example Results 


No updates are available in the specified catalogs: 


linux: # rug lu SLES10-SP1-Updates 0ES2-Updates 
No updates are available in the specified catalogs, 


linux: # 


To finish the update, reboot the server. 


Rebooting the server activates the new kernel if it has been updated and ensures that OES 
services that need restarting after patching are restarted. 


You can also update your server with specific maintenance patches by using commands at the 
command line: 


1 Loginto the server as root or su to root. 


2 Atthe command line, enter the following commands: 


2a Refresh all services 


2b 


Command 


rug ref 


Example Results 


linuxt” # rug ref 


Refreshing Services... 
TI 1008 


Successfully refreshed, 


linux:” # 


See whether updates are available, see a list of patches and their status, or see information 


for a specific patch: 


Command 


See whether patches are available: 


rug lu catalogl catalog2 


Results 


No updates are available in the specified catalogs. 


linux: # rug lu SLES10-SP1-Updates 0ES2-Updates 
No updates are available in the specified catalogs, 


linux?” # 


Updates available: 














[S | Catalog | Bundle | None Q 1 Arch 
lv | SLESIO-SP1-Updates I 1 asa bose ' 11985 
lv 1 0S i 1 admins 11, 1 1885 
lv | SLESIO-SFi-Updates | | bind Id 1 1566 
lv | SLESIO-SPi-Updates | | bind-libs 19. 1 1506 
lv | SLESIO-SPi-Updates I | bind-utile 19. 1 1506 
Iv | 0ES2-Updates f] 1 pasa Hh 1 1585 
ly | SLESIO-SP1-Updates | | cifs-nont 13, 11586 

1 SLESIO-SP1-Updates I 1 epio 12, 1 1885 

| SLESTO-SP1-Updatme I 1 cron 14 11585 

| SLESIO-SPi-Updates | | cups Vi. 1 1566 

| SLESIO-SPi-Updatas | | cuparclient bi. 1 1506 

| SLESIO-SPi-Updates I | cupa-liba bi. 1 1586 

| SLESIO-SPl-Updotes | | dhop-server 13. 1 1996 

1 SLESI -Updates | | e2fsprogs 11 1 15986 

| SLESIO-SP1-Updates I 1 2.8.5-24, 11588 

| SLESTO-SP1Updates I 1 evms-gui 1 2,5,5-24, 1 158 

| SLESIO-SP1-Updates I | evolutiondatarserver 11,6, 3, 1188 

| CES2-Updates I | yast2-novel l-ncpserver 1 2.143.335 1 noarch 

| 0ES2-Updites i | yast2-novel l-nes 1 243.444 | poarch 

| CES2-Updates i | gast2-novel I netatorage 1 2.43.4-32 | nosrch 

| 0ES2-Updates 1 | yast2-novell-nss 1 2.13,7-43 1 noarch 

| 0ES2-Undates I | gost2-novel l-quickf inder 1 2.13,34 | nosrch 

| 0ES2-Updates ' | yast2-nowe]]-responsef ile 12.13.135 1 noarch 

| 0ESI-Updatme 1 1 gust 2-nowel Imeamba 1 2,13,>.® 1 noarch 

| CES2-Updates ' | sast2-novel l-schenatoo] I 2.43.4°32 1 noarch 

| CES2-Updates ' | gast2-novell-sms | 2.13.2-29 1 poarch 

| 0ES2-Updites i | yaat2-cee-1dap 1 2.13.4-29 | noarch 
lv | SLESIO-SP1-Updetes | | sost2-online-update | 2,13,61-9,2 | nosrch 
Rime” è 
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Command Results 
See a list of patches from all catalogs Jus ae Rae 
and their status: SLELO SP1- Debuginfo-Lpdates | dbgni-olibe-debupinfo | 3400-0 1 optionsl | Needed 
ISLE10-SP1-Nebuginfi | dbgpi-kerne] | 3535-0 | recommended | Not Aipplicab] 
ISLELO-SP1-Debuainfo= Updates | bapi-kernel 1 3643-0 | reccamended | Not Applicab] 
Selo-sptobetegintenipaates | i Partire sation o A i 3488-0 i Simei i herded 
rug pch È Eee Updates | dbapl-kernel default ~ debuninto 1 3489-0 | optional | Needed 
ISLE10-SP1-Detruginfi hyp l-herne]-sap-debuginfo 1 3496-0 | optional | Needed 
noes Debuginfe | dbgpi-kerne]-source-debuginfo 1 3438-0 | optional | Needed 
O-SP1-Debuqinfo~ Updates | dbapi-kernel-un-debuginfo 1 3501-0 | optional | Needed 
toto Debuginfo-Updates | chgpi-kerne] info 1 3502-0 | opticnal | Needed 
ISLELO-SP1-Debuninfo-Updates | dbapi-kernel-xennse-detuninfo 1 3504-0 | optional | Needed 
JUES2-Updates | ces2-CRSA 1 3762-0 | recommended | Not needed 
[0ES2-Updates | oes2-CASA 1 3251-0 | recommended | Not needed 
OES2-Updates | ces2-CRSA 1 3709-0 | reccemended | Not needed 
S2-Upuat | ces2-CRSA 1 3791-0 | recommended | Not needed 
[0ES2-Updates | oes2-CASA 1 3576-0 | recommended | Not needed 
OES2-Updates | ces2-CRSA 1 3904-0 | reccamended | Needed 
[IDES?-Updates 1 00s2-CASA 1 3413-0 | recommended | Not needed 
IOES2-Updates | ces2-CRSA 1 3355-0 | recommended | Not needed 
S2-Updat | ces2-CRSA 1 3517-0 | recommended | Not needed 
NES2-lpdates | 0es2-CASA 1 3501-0 | recommended | Not needed 
[DES2-Undates | 0es2-CAGA 13292-0 1 recommended | Not needed 
See a list of all installed patches: Before patches are installed: 
rug pch -i linux” # rug pch -i 
No patches found, 
linux” # ] 
After two patches are installed: 
linux?” # rug pch -i 
Catalog | Name | Version | Category | Status 
aeree ARE I SEE 
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System 
System 


| oes2-oes-SPident | 4230-0 


| slespi-timezone 


linux?” # ff 


| 4228-0 


recommended | Applied 
recommended | Applied 


After all patches have been installed: 





linux?” # rug pch -i 
Catalog | Name | Version | Category | Status 
A a a 4 

System | oes2-adminfs | 4204-0 | recommended | Applied 
System | oes2-CASA | 4201-0 | recommended | Applied 
System | oes2-google-perftools | 4214-0 | recommended | Applied 
System | oes2-ifolder3-clients | 4202-0 | recommended | Applied 
System | oes2-java-1_5_0-ibm-unrestricted-security-policies | 4222-0 | recommended | Applied 
System | oes2-libsmbMgmt | 4220-0 | recommended | Applied 
System | oes2-nici | 4203-0 | recommended | Applied 
System | oes2-novell-bind | 4205-0 | recommended | Applied 
System | oes2-novell-cluster-services | 4206-0 | recommended | Applied 
System | oes2-novell-evms-plugins | 4217-0 | recommended | Applied 
System | oes2-novell-filesystem | 4207-0 | recommended | Applied 
System | oes2-novell-iprint-client | 4209-0 | recommended | Applied 
System | oes2-novell-iprint-migration | 4212-0 | recommended | Applied 
System | oes2-novell-kerberos-admin-server | 4210-0 | recommended | Applied 
System | oes2-novell-libncputil | 4213-0 | recommended | Applied 
System | oes2-novell-lum | 4211-0 | recommended | Applied 
System | oces2-novell-lum-providers | 4216-0 | recommended | Applied 
System | oes2-novell-netstorage | 4215-0 | recommended | Applied 
System | oes2-novell-NLDAPbase | 4208-0 | recommended | Applied 
System | oes2-novell-oes-dhcp-conf | 4218-0 | recommended | Applied 
System | ces2-novell-pure-ftpd-config | 4219-0 | recommended | Applied 
System | oes2-novell-sms | 4221-0 | recommended | Applied 
System | oes2-novell-welcomepage | 4223-0 | recommended | Applied 
System | oes2-oes-SPident | 4230-0 | recommended | Applied 
System | ces2-quickfinder-engine | 4225-0 | recommended | Applied 
System | oes2-release-notes-oes | 4226-0 | recommended | Applied 
System | oes2-yast2-oes-trans-cs | 4227-0 | recommended | Applied 
System | slespi-perl-Bootloader | 3680-0 | recommended | Applied 
System | slespl-timezone | 4228-0 | recommended | Applied 
System | slespi-yast2-installation | 3830-0 | recommended | Applied 
System | slespi-yast2-online-update | 3934-0 | recommended | Applied 
linux:” # I 


Command Results 


See information for a specific patch: 


linux?” # rug patch-info oes2-oes-SPident 


Name: oes2-oes—SPident 


; Versioni 
rug patch-info patch name 
= Status: 


3628-0 
Arch: noarch 
Satisfied 


Category: recommended 


For example: 


Created On: 06/08/2007 11:30:26 
Reboot Required: No 


Restart Required: No 


rug patch-info 0es2-0es- 
SPident 


Interactive: No 

Summary: Recommended update for oes-SPident for Beta3,27 
Description: 0ES2 Update for oes-SPident for Beta3,27 
Provides: 


Patch: oes2-oes-SPident = 3628-0 


Requires: 


atom? oes-SPident = 1,0,1-4 


linux:© # E 


2c Update the server with specific patches: 


Command 


Install all patches from the one or more catalogs 
of a particular category. 


rug up -t patch catalogl catalog2 -g 
category name 

* security 

* recommended 

* optional 


For example: 


rug up -t patch SLES10-SP3-Updates 
0ES2-SP2-Updates -g security 








Results 





lines” è È 





Install one version of a patch without 
confirmation: 


rug in -t patch -y patchname-version 
For example: 


rug in -t patch -y 0es2-CASA-3904-0 


ti:* # rug in -t patch -y oes2-CASA-3904-0. 
Resolving Dependencies... 
The following packages will be installed: 
CASA 1,7,1408-3 (0ES2-Updates) 
CASA-1,7,1408-3, i586[0ES2-Updates] needed by atom:CASA-1,7,1408-3,1586[0ES2-Updates] 


0es2-CASA 3904-0 (0ES2-Updates) 


Dounloading Packages... 
rue _———_—_____fG 


Transaction... 
i a a 99% 


Finishing... 





Install all versions of a patch with confirmation: 
rug in -t patch patch_name* 
For example: 


rug in -t patch 0es2-0es-SPident* 


3 To finish the update, reboot the server. 








dates) vended by stam: ne (P ident -1,9 1-06 remrehCOEIS pation 








Rebooting the server activates the new kernel if it has been updated and ensures that OES 
services that need restarting after patching are restarted. 


The following table shows some additional commands you might want to use: 
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Table 7-1 Additional Rug Commands 


Task Command 
Halts the ZLM daemon. Accepts the following option flags: rug shutdown [options] 


+ -f, --force: Force the shutdown. 


+ -n, --no-wait: Don’t wait for confirmation that the daemon was shut 
down. 





Restarts the ZLM daemon. Accepts the following option flags: rug restart [options] 


+ -f, --force: Forc 


+ -n, --no-wait: Does not wait for confirmation that the daemon has 
restarted. 


+ --clean: Cleans up at restart 





Access help for all the rug commands rug 





Access the rug man page man rug 


7.4.2 Updating the Server from the GNOME or KDE Desktop 


1 Log into the server as root or su to root. 
2 Click the Novell Updater icon @ that indicates that updates are available 
On the GNOME Desktop, the icon is on the taskbar. 
On the KDE Desktop, click G > System > Novell Updater icon @ 
If no updates are available, the Novell Updater icon "& changes appearance to a globe. 


3 On the Software Available for Updates page, select the updates that you want to install, then 
click Update. 


Updates that have a Security or Recommended status are usually preselected. 


@ Software available for update: 
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4 When the Software Updater Information status indicates that the update was successful, click 
Close. 


Software Updater -Ox 


@ nl 


























A Software Updater- information x 








Select: All None 











@ | configure | | X cioe | 








5 Ifnecessary, rerun the updater until all the desired patches have been installed. 
6 To finish the update, reboot the server. 


Rebooting the server activates the new kernel if it has been updated and ensures that OES 
services that need restarting after patching are restarted. 


7.5 Verifying That Your Channel Subscriptions 
Are Up to Date 


When an OES 2 server is updated properly, the update channel list is refreshed to include Updates 
entries for your OES 2 and SLES 10 versions. 


To verify that you have updates from both update channels, do the following: 


1 Ata terminal prompt on the server you have updated, type the following command: 
rug ca 


The list of channels should include Updates channels for your OES 2 and SLES 10 versions. 
For example, after updating an OES 2 SP2 server, the channel listing should include both 
SLES10-SP3-Updates and 0ES2-SP2-Updates as subscribed channels. 








2 Ifthe channel listing on your server doesn’t include the updates channels for your OES 2 and 
SLES 10 versions, follow the instructions in TID 3150078 (http:/Awww.novell.com/support/ 
php/ 
search.do?cmd=displayK C&docType=kc&externalld=3 150078 &sliceld=2&docTypeID=DT _ 
TID_1_1&dialogID=76715112&stateld=0%200%20767 11680) to resolve the issues. 


3 After the channel list contains the correct entries, update your server by repeating the pertinent 
instructions in Section 7.4, “Updating the Server,” on page 155. 
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7.6 Frequently Asked Questions about Updating 


This section contains the following information: 
¢ Section 7.6.1, “Do I apply all the patches in the catalogs or how do I know which patches to 
apply?,” on page 162 


* Section 7.6.2, “How do I re-add the catalogs for OES 2 in my ZENworks Management 
Daemon (ZMD) configuration after removing one or more of them?,” on page 162 


¢ Section 7.6.3, “What about YaST Online Update?,” on page 163 


7.6.1 Dol apply all the patches in the catalogs or how do | 
know which patches to apply? 
In OES 1, we recommended that all the patches in the channel be applied. However, in OES 2 the 


dependency checking has been improved to help you understand more about each patch listed in the 
catalogs. 


Each patch has a category and a status associated with it. The categories state whether the patch is a 
security patch, a recommended patch, or an optional patch. The rug pch command shows whether 
the patch is needed or not needed and whether it has been applied. When you are using the Novell 
Updater, only the patches that are needed and have not been applied display in the list of patches. 


Therefore, you can just apply all the security patches and wait to apply other patches that might 
change how a feature or product works. 


7.6.2 How do I re-add the catalogs for OES 2 in my ZENworks 
Management Daemon (ZMD) configuration after removing one 
or more of them? 
To re-add the catalogs and services needed for updating your version of OES 2 to the ZMD 
configuration: 

1 Delete the /var/cache/SuseRegister/lastzmdconfig.cache file 

rm /var/cache/SuseRegister/lastzmdconfig.cache 
2 At the command line, enter 


suse_ register -a email=email_address -a regcode- 





sles=SLES registration code -a regcode-oes=oes2 registration code 





For example, 


suse register -a email=joe@example.com -a regcode-sles=4adab769abc68 -a 
regcode-oes=30a74ebb94fa 








Performing this procedure removes the complete ZMD configuration, then registers the server 
in the Novell Customer Center again. When you register the server in the Novell Customer 
Center again, it adds all the catalogs and services that are need for updating your version of 
OES 2. 
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7.6.3 What about YaST Online Update? 


Novell supports two mechanisms for updating an OES 2 server: 


¢ The rug utility from a terminal prompt. 
* The Novell Updater from a GUI desktop. 


However, some OES administrators prefer to use YaST Online Update (YOU) for updating OES 2 
servers. Although YOU is not tested by OES 2 product testers, the only customer problems reported 
to Novell occur when someone tries to use both the rug-based methods and the YOU method in 
combination on the same server. 





IMPORTANT: Whichever method (YOU or rug-based) you choose for a given OES2 SPI server, 
that method must be used exclusively for the life of the server. 


For more information about using YOU to update your servers, see “YaST Online Update” (http:// 
www.novell.com/documentation/sles10/sles_admin/data/ 
sec_yast2_sw.html#sec_yast2_sysconfig onupdate) in the SLES 10 Administration Guide. 





7.7 Patching From Behind a Proxy Server 


See TID 3132246 (http://www.novell.com/support/ 
viewContent.do?externalld=3 132246&sliceId=2). 


7.8 Quick Path Updating 


This section contains the following Quick Path steps for patching an OES 2 server: 


* Section 7.8.1, “Do Not Use rug up without the -t Option,” on page 163 
¢ Section 7.8.2, “Command Line Quick Path for Updating OES 2,” on page 163 
¢ Section 7.8.3, “GUI Quick Path for Updating OES 2 SP2,” on page 166 


7.8.1 Do Not Use rug up without the -t Option 


Do not use the rug up command by itself to update an OES server. Always use the -t patch option 
as described in Section 7.8.2, “Command Line Quick Path for Updating OES 2,” on page 163. 


If the -t patch option is omitted, rug includes SLES packages in the download that can cripple or 
completely break OES services. 


The -t patch option also ensures that patch meta data (including script files, etc.) is downloaded so 
that SLES can correctly update the system. 


7.8.2 Command Line Quick Path for Updating OES 2 


1 Make sure you have the following: 
+ A Novell Customer Center account 


If you don’t have one, create it at http://www.novell.com/register. This is the same account 
that you use for Bugzilla. 
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¢ Activation Codes for both SLES 10 and OES 2 

* A valid installation source 

* An established connection to the Internet 

¢ All of the services installed that you need on the server. 


* Enough disk space in /var/cache/zmd/ where the update process downloads all the 
updates to. 


Depending on the number of patches that you are going to apply, you might need about 3 
GB. 


* A backup of the current data on the server. 
2 Register the server in the Novell Customer Center (one time only). 
2a Log in to the server as root or su to root. 
2b At the command line, enter 


suse register -a email=email address -a regcode- 








sles=SLES registration code -a regcode-oes=oes2 registration code 


For example, 





suse register -a email=joe@example.com -a regcode-sles=4adab769abc68 - 
a regcode-0es=30a74ebb94fa 





2c Verify that the server is registered by seeing whether you have the service types and 
catalogs needed for updates. 


To verify the service types, enter 
rug sl 
To verify that you have the catalogs you need, enter 
rug ca 
3 Update the server with all available updates: 
3a Refresh all services by entering: 
rug ref 


3b See whether updates are available by entering: 








rug lu SLES10-SP3-Updates 0ES2-SP2-Updates 

3c Update the server with all available SLES10-SP3 and OES 2 SP2 patches by entering: 
rug up -t patch SLES10-SP3-Updates OES2-SP2-Updates 

3d Repeat Step 3b and Step 3c until there are no more SLES10-SP3 or OES 2 SP2 patches. 








When there are no more patches, continue with Step 3e. 

3e Reboot the server to finish the update. 
Rebooting the server activates the new kernel and ensures that OES services that need 
restarting after patching are restarted. 


You can also update your server with specific maintenance patches. 


1 Log into the server as root or su to root. 
2 At the command line, enter the following commands: 


2a To refresh all services, enter 
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rug ref 


2b To check for available updates, enter 


rug lu SLES10-SP3-Updates OES2-SP2-Updates 





2c To list the patches and their status, enter 














rug pch SLES10-SP3-Updates OES2-SP2-Upda 


2d To view specific patch information, enter 


rug patch-info patch_name 


For example: 


rug patch-info slespl-xpdf 


2e To list all installed patches, enter 





rug peh =i 


tes 


2f To update the server with specific patches, choose from the following: 


* To install all patches from one or more catalogs of a particular category. 


rug up -t patch catalogl catalog2 -g category name 


Replace category_name with: security, recommended, or optional. 


For example, 


rug up -t patch 
¢ To install one vers 


rug in -t patc 


For example: 


rug in -t patc 


* To install all 


rug in -t patc 


For example: 


rug in -t patc 








SLI 








ES10-SP3-Updates 0 


h -y oes2-CASA-3904-0 
versions of a patch, enter: 


h patch_name* 


h oes2-oes-SPident* 


ES2-SP2-Updates -g security 


ion of a patch without confirmation, enter: 


h -y patch_name-version 


2g Reboot the server to ensure that any changes to the kernel are activated, and applicable 
OES 2 services are restarted. 


The following table shows some additional commands you might want to use: 


Table 7-2 Additional Rug Commands 


Task 


Halts the ZLM daemon. Accepts the following option flags: 


+ -f, --force: Force the shutdown. 


Command 


rug shutdown [options] 


+ -n, --no-wait: Don’t wait for confirmation that the daemon was shut 


down. 
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Task Command 
Restarts the ZLM daemon. Accepts the following option flags: rug restart [options] 


+ -f, --force: Forces the shutdown. 


+ -n, --no-wait: Does not wait for confirmation that the daemon has 
restarted. 


+ --clean: Cleans up at restart 





Access help for all the rug commands rug 





Access the rug man page man rug 


7.8.3 GUI Quick Path for Updating OES 2 SP2 


To update your server with the patches released from Novell after the server has been installed and 
configured: 
1 Make sure you have the following: 


* A Novell Customer Center account (If you don’t have one, create it at http:// 
www.novell.com/register. This is the same account that you use for Bugzilla.) 


* Activation Code for SLES 10 and OES 2 SP2 

* A valid installation source 

* An established connection to the Internet 

* Make sure you have installed all the services that you need on the server. 

¢ Before starting your update, make note of the root partition and space available. 


In particular, ensure you have enough space where the update process downloads all the 
updates to in /var/cache/zmd/. Depending on the amount of patches that you are going to 
upgrade, you might need about 3 GB. 


* Before updating the server, secure the current data on the server. 
2 Register the server in the Novell Customer Center. 
If the server is already registered in the Novell Customer Center, skip to Step 3. 
2a In the YaST Control Center, click Software > Novell Customer Center Configuration. 


2b On the Novell Customer Center Configuration configuration page, select all of the 
following options, then click Next. 


+ Configure Now 

* Hardware Profile 

* Optional Information 

* Registration Code 

* Regularly Synchronize with the Customer Center 


After you click Next, a Contacting Server message is displayed. Wait until this message 
disappears and the Manual Interaction Required page displays. 


2c On the Manual Interaction Required page, note the information that you will be required 
to specify, then click Continue. 
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2d 


2e 


2f 
2g 


On the Novell Customer Center Registration page, specify the required information in 
each field, then click Submit: 


When the message to complete the registration displays, click Continue. After clicking 
Continue, the Contacting Server message is displayed with the Manual Interaction 
Required message. Wait until this message disappears and Novell Customer Center 
Configuration Was Successful page displays. 


When you see the message that the Novell Customer Center was successful, click OK. 


Confirm that you get the registration e-mails from the Novell Customer Center. You can 
perform Step 3 before you receive these e-mails. 


3 Update the server from GNOME Desktop or KDE desktop: 


3a 
3b 


3c 


3d 


3e 
3f 


Log into the server as root. 


Click the Novell Updater icon @ that indicates that updates are available. If no updates are 
available, the Novell Updater icon & changes appearances to a globe. 


On the Software Available for Updates patches, select the updates that you want to install, 
then click, Update. 


When the Software Updater Information status indicates that the update was successful, 
click Close. 


Repeat Step 3c and Step 3d until all available patches are applied. 
Reboot the server to finish the update. 


Rebooting the server activates the new kernel and ensures that OES services that need 
restarting after patching are restarted. 
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Using AutoYaST to Install and 
Configure Multiple OES Servers 


If you need to install OES to multiple systems that perform similar tasks and that share the same 
environment and similar but not necessarily identical hardware, you might want to use AutoYaST to 
perform the installation. 


You use the Configuration Management tool (YaST > Miscellaneous > Autoinstallation) to generate 
an XML profile file (referred to as a control file) and use it to perform OES installations to multiple 
servers that share the same hardware and environments. You can also tailor this control file for any 
specific environment. You then provide this control file to the YaST2 installation program. 


This section does not provide complete AutoYaST instructions. It provides only the additional 
information you need when setting up AutoYaST to install multiple OES 2 SP2 servers. 


For complete instructions on using AutoYaST2, see Automatic Linux Installation and Configuration 
with Yast2 (http://forgeftp.novell.com/yast/doc/SLES10/autoinstall/index.html). You can also access 
the documentation locally on an OES server in /usr/share/doc/packages/autoyast2/htm1/ 
index.html or autoyast.pdf. 


This section contains the following information: 


¢ Section 8.1, “Security Considerations,” on page 169 
* Section 8.2, “Prerequisites,” on page 169 
¢ Section 8.3, “Setting Up a Control File with OES Components,” on page 170 


* Section 8.4, “Setting Up an Installation Source,” on page 176 


8.1 Security Considerations 


See Password for User Admin Written in Clear Text in control.xml (page 211). 


8.2 Prerequisites 
You need at least the following components to install an OES 2 SP2 server using Auto YaST: 


O A server with OES 2 SP2 already installed 


O Oneor more target computers to install the server software to and the following information 
about each: 


+ Number of hard disks 

* MAC address 

* Monitor types and graphics hardware 
O A control file 


For information on setting up a control file with OES components, see “Setting Up a Control 
File with OES Components” on page 170. 





O Abootscenario set up 
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You can boot from media or from an installation source. For more information, see “Setting Up 
an Installation Source” on page 176. 


O A source or server that contains the AutoYaST profile (control file) 


For more information, see “Setting Up an Installation Source” on page 176. 


8.3 Setting Up a Control File with OES 
Components 


The control file is an XML file that contains an installation profile for the target computer. This 
installation profile contains all the information to complete software installation and configuration 
on the target computer. 


To create a control file: 


* You can create the control file manually in a text editor (not recommended). 


+ When completing an installation, you can click Clone for Auto YaST. If you use this option, the 
resulting file is /root /autoinst.xml. This file must be edited manually before using it. See 
Section 8.3.1, “Fixing an Automatically Created Control File,” on page 170. 


* You can create or modify a control file by using the AutoInstallation module in YaST. For 
procedures, see Section 8.3.2, “Using the AutoInstallation Module to Create the Control File,” 
on page 171. 


This system depends on existing modules that are usually used to configure a computer after 
OES 2 SP2 is installed on a server. 


8.3.1 Fixing an Automatically Created Control File 


Review the following issues and solutions to fix the automatically created control file. 
¢ Issue 1: If you install all OES Services using AutoYaST, Apache does not run. 


Solution: Reboot the server when the installation is complete; or when creating the profile or 
control file, deselect the Print Server pattern in the Primary Functions category. If you have 
already created the control file, remove the following section: 


- <printer> 
<cups_ installation config:type="symbol">server< cups_installation> 
<default /> 
<printcap config:type="list" /> 
<server hostname /> 
<spooler>cups</spooler> 
</printer> 


* Issue 2: The Certificate Authorities section of the control file is not created. 
Solution: You must insert the CA section manually. 
To add this information to the control file, do the following: 
1. Open YaST as root. 
2. Click Miscellaneous > Autoinstallation. 
3. Select Security and Users > CA Management, then click Configure. 


4. In the Common Name File field, specify a name for the certificate. For example 
YaST_Default_CA(hostname). 


170 OES 2 SP2: Installation Guide 


5. Specify an e-mail name in the Email field. 

6. Specify a password in the Password field. 

7. Click File Save to save the file. Ignore any error messages that you receive. 
8. Click View Source to ensure that the CA entry was entered. 

See the following syntax: 


<ca_mgm> 
<CAName>YaST Default CA</CAName> 
<ca_commonName>YaST Default _CA(hostname)</ca commonName> 
<country>US</country> 
<importCertificate config:type="boolean">false</importCertificate> 
<locality></locality> 
<organization></organization> 
<organizationUnit></organizationUnit> 
<password>actual password</password> 
<server email>name@example.com</server email> 
<state></state> 
<takeLocalServerName config:type="boolean">true</takeLocalServerName> 

</ca_mgm> 








Issue 3: If you install Novell Cluster Services™, one package does not install correctly. 
Solution: Comment out the following line in the control file. 
<package>novell-cluster-services-kmp-smp</package> 

For example: 


<!--<package>novell-cluster-services-kmp-smp</package>--> 


Issue 4: If you did not patch the server during the installation, the OES product is not identified 
correctly in the control file. 


Solution: When creating the profile or control file, change the product line from: 








<product>Novell Open Enterprise Server 2</product> 


to 











<product>OPEN ENTERPRISE SERVER</product> 

















8.3.2 Using the Autolnstallation Module to Create the Control 
File 


The following procedure contains a quick list of steps to create the control file using the 
AutoInstallation module in YaST on a server running OES 2. 


kh OD = 


On a server that has OES 2 installed, open the YaST2 Control Center. 
Click Miscellaneous > Autoinstallation. 
Click Tools > Create Reference Control File. 


In the Create a Reference Control File dialog box, select the Network card check box in the 
Select Additional Resources field, then click Create. 


AutoYaST probes the system for software, partitioning, boot loader, network card information, 
language settings, mouse, and other system settings. 
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5 Verify the package selections. 
5a Click Software > Package Selection. 


5b On the Package Selection page, make sure the items are the same as you previously 
selected. For more information on the add-ons (software selections) that are selected in the 
base selections or patterns, see “Deciding What Patterns to Install” on page 28. If the 
configuration contains the packages and selections you need, skip to Step 7. If not, 
continue with Step 6. 


6 Ifyou need to change the package selections for the target servers, do the following: 
6a In the Package Selection dialog box, click Configure. 
6b On the Software Selection page, click Patterns in the Filter field. 
6c Select the specific software items that you want to be added, then click Accept. 


6d If you are prompted to accept the AGFA Monotype Corporation End User License 
Agreement, click Accept. 


6e Accept the automatic changes by clicking Continue in the Changed Packages dialog box. 
7 Specify the Partitioning parameters for the target server: 
7a From the Main YaST Autolnstallation menu, click Hardware > Partitioning > Configure. 
7b Set up partitioning on the first drive as desired, then click Finish. 
See the online help for details about limitations. 


For more information on partitioning options, see “Partitioning” in Automatic Linux 
Installation and Configuration with Yast2 (http://forgeftp.novell.com/yast/doc/SLES 10/ 
autoinstall/CreateProfile.Partitioning.html). 


8 Specify the settings for the graphics card and monitor: 


8a From the Main YaST Autolnstallation menu, click Hardware > Graphics Card and 
Monitor > Configure. 


8b In the General Options field of the X11 Configuration page, specify the settings that you 
want. 


8c In the Desktop field of the X11 Configuration page, select the settings that you want for 
the Display Manager and Window Manager, then click Next. 


8d On the Configure Monitor page, select the applicable monitor vendor and model, then 
click Next. 


8e Verify the X11 settings. If they are not correct, repeat Step 8a and Step 8d. 
If you skip this step, the server keyboard mappings might be German. 


9 (Optional) Insert a script to perform a task that you might want, such as a script for removing 
partitions: 


For more information on custom user scripts, see “Custom User Scripts” (http:// 
forgeftp.novell.com/yast/doc/SLES 10/autoinstall/createprofile.scripts.html)in Automatic Linux 
Installation and Configuration with Yast2. 


9a From the Main YaST Autolnstallation menu, click Miscellaneous > Custom Scripts > 
Configure. 


9b On the User Script Management page, click New. 


9c Inthe File Name field, specify a descriptive name for the script, such as 
hello world script. 
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11 


12 


9d In the Script Source field, specify commands such as the following example script: 


#!/bin/sh 
‘echo "hello world" > /tmp/post-script-output' 


9e Click the Type drop-down box, then select Post. 


This script runs after the installation is complete. For additional options, see the online 
help for this dialog box. 


9f Click Save. 


9g Make sure your script appears in the Available Scripts section of the User Script 
Management page, then click Finish. 


9h Make sure your script appears in the Post Scripts section of the Custom Scripts page. 
Set the password for the root user: 

10a From the Main YaST AutoInstallation menu, click User Management > Configure. 
10b Click Set Filter, then select Select System Users from the drop-down menu. 

10c Select user root, then click Edit. 


10d Type a password for the root user in the Password and Verify Password fields, click 
Accept, then click Finish. 


10e Verify that the root user appears in the Users section of the User Management dialog 
box. 


Set a password for Certificate Authority management: 


11a From the Main YaST AutoInstallation menu, click Security and Users > CA Management 
> Configure. 


11b Type a password for the certificate in the Password and Confirm Password fields, then 
click Finish. 


11c Verify that the Password status appears as Set on the CA Management page. 
Configure OES Services: 


12a From the Main YaST AutoInstallation menu, click Open Enterprise Server > 
module_name > Configure. 


All OES services are in the Open Enterprise Server category. 


We recommend configuring eDirectory first. Although there are dependencies for some of 
the components, in this release AutoYaST does not verify whether one module is 
configured or not. 


See the following table for category names and dependencies. You should configure all 
the modules that were selected for the software selections in Step 5 on page 172. For more 
information about which modules are in each pattern, see “Deciding What Patterns to 
Install” on page 28. 


Module Name Other Module Dependencies 


Novell AFP * Novell Backup / Storage Management Services (SMS) 
* Novell eDirectory 
* Novell Storage Services (NSS) 
* Novell Linux User Management (LUM) 


* Novell Remote Manager (NRM) 
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Module Name 


Novell Archive and 
Version Services 


Novell Backup/ 
Storage Management 
Services (SMS) 


Novell CIFS 


Novell Cluster 
Services (NCS) 


Novell DHCP 


Novell DNS 


Novell Domain 
Services for Windows 


Novell eDirectory 
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Other Module Dependencies 


Novell Backup/Storage Management Services (SMS) 
Novell eDirectory™ 

Novell Linux User Management (LUM) 

Novell Remote Manager (NRM) 

Novell Storage Services™ (NSS) 


Novell Linux User Management (LUM) 


Novell Remote Manager (NRM) 


Novell Backup / Storage Management Services (SMS) 
Novell eDirectory 

Novell Storage Services (NSS) 

Novell Linux User Management (LUM) 


Novell Remote Manager (NRM) 


Novell Backup/Storage Management Services (SMS) 
Novell Linux User Management (LUM) 


Novell Remote Manager (NRM) 


Novell Backup/Storage Management Services (SMS) 
Novell eDirectory 
Novell Linux User Management (LUM) 


Novell Remote Manager (NRM) 


Novell Backup/Storage Management Services (SMS) 
Novell eDirectory 

Novell Linux User Management (LUM) 

Novell Remote Manager (NRM) 


Novell Backup / Storage Management Services (SMS) 
Novell eDirectory 

Novell DNS 

Novell iManager 

Novell iPrint 

Novell Linux User Management (LUM) 

Novell Remote Manager (NRM) 

Novell Storage Services (NSS) 

Novell NCP Server 


Novell Backup/Storage Management Services (SMS) 
Novell Linux User Management (LUM) 
Novell Remote Manager (NRM) 


Module Name 


Novell FTP 


Novell iFolder 


Novell iManager 


Novell iPrint 


Novell Linux User 
Management (LUM) 


Novell NCP Server / 
Dynamic Storage 
Technology 


Novell NetStorage 


Novell Pre-Migration 
Server 


Novell QuickFinder 


Novell Remote 
Manager (NRM) 


Other Module Dependencies 


Novell Backup/Storage Management Services (SMS) 
Novell eDirectory 

Novell Linux User Management (LUM) 

Novell Remote Manager (NRM) 


Novell Backup/Storage Management Services (SMS) 
Novell eDirectory 
Novell Linux User Management (LUM) 


Novell Remote Manager (NRM) 


Novell Backup/Storage Management Services (SMS) 
Novell Linux User Management (LUM) 


Novell Remote Manager (NRM) 


Novell Backup/Storage Management Services (SMS) 
Novell eDirectory 

Novell iManager 

Novell Linux User Management (LUM) 


Novell Remote Manager (NRM) 


Novell Backup/Storage Management Services (SMS) 
Novell Remote Manager (NRM) 


Novell Backup/Storage Management Services (SMS) 
Novell eDirectory 

Novell Linux User Management (LUM) 

Novell Remote Manager (NRM) 


Novell Backup/Storage Management Services (SMS) 
Novell iManager 
Novell Linux User Management (LUM) 


Novell Remote Manager (NRM) 


Novell Backup / Storage Management Services (SMS) 
Novell eDirectory (without a replica) 
Novell Linux User Management (LUM) 


Novell Remote Manager (NRM) 


Novell Backup/Storage Management Services (SMS) 
Novell Linux User Management (LUM) 
Novell Remote Manager (NRM) 


Novell Backup/Storage Management Services (SMS) 
Novell Linux User Management (LUM) 
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Module Name Other Module Dependencies 


Novell Samba * Novell Backup/Storage Management Services (SMS) 
* Novell Linux User Management (LUM) 
* Novell Remote Manager (NRM) 


Novell Storage * Novell Backup/Storage Management Services (SMS) 
Services (NSS) * Novell eDirectory 

+ Novell NCP Server 

* Novell Linux User Management (LUM) 


* Novell Remote Manager (NRM) 


12b Type or select the information for each field requested on each page, then click Next until 
a summary of setting is displayed for that service. 


12c Verify that the settings for each module are what you want. 
If not, click Reset Configuration and provide the corrected settings. 


12d Repeat Step 12a through Step 12c until all the required modules have been configured, 
then continue with Step 13. 


13 Save the file. 
13a Click File > Save. 
13b Browse to a location that you want to save the file to. 
13c Type filename. xml, then click Save. 


Replace filename with an appropriate name to identify the control file for the installation 
you are performing. 


By default, the file is saved in the /var/lib/autoinstall/repository/ directory. 


For additional filename requirements and recommendations, see “The Auto-Installation 
Process” in Automatic Linux Installation and Configuration with Yast2 (http:// 
forgeftp.novell.com/yast/doc/SLES10/autoinstall/Invoking.html). 


14 Exit the configuration management tool by clicking File > Exit. 


15 Proceed with “Setting Up an Installation Source” on page 176. 


8.4 Setting Up an Installation Source 


For OES 2, you must set up a separate directory for the SLES 10 software and the OES 2 software. 


AutoYaST requires an installation source. You have several options. For an explanation of each, see 
“Network Based Installation” (http://forgeftp.novell.com/yast/doc/SLES10/autoinstall/ 
Invoking.html) and “The Auto-Installation Process” in Automatic Linux Installation and 
Configuration with Yast2 (http://forgeftp.novell.com/yast/doc/SLES 1 0/autoinstall/ 
Bootmanagement.html). 


You can also set up an installation source on a NetWare server. See Appendix C, “Setting Up an 
Installation Source on NetWare,” on page 225. 
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Installing OES as a Xen VM Host 
Server 


You can install Novell® Open Enterprise Server (OES) 2 SP2 Linux as a Xen VM host server. 


To understand why you might want your VM host server to have OES 2 SP2 installed, see “Why 
Install OES Services on Your VM Host?” in the OES 2 SP2: Planning and Implementation Guide. 


To install OES 2 SP2 on your VM host server, add the following steps to the basic installation 
instructions found in “Setting Up a Virtual Machine Host” (http://www.novell.com/documentation/ 
sles10/book_virtualization_xen/data/cha_xen_virtualization_vhost_setup.html) in the Virtualization 
with Xen (http://www.novell.com/documentation/sles10/book_virtualization_xen/data/ 
book_virtualization_xen.html) guide. 


1 


When you reach the Installation Mode page, select the Include Add-On Products from Separate 
Media option and complete the instructions in Section 3.3.3, “Specifying the Add-On Product 
Installation Information,” on page 47. 


2 When you reach the Installation Settings page, click the Software heading. 


Of the services listed in the OES Services category, only the following are supported on a Xen 
VM host server: 


* Novell Linux User Management (LUM) 
* Novell Storage Management Services™ (SMS) 
* Novell Cluster Services® (NCS) 


You can select any of these services that you want to be available on the host server, or you can 
leave all of the services deselected. In either case the server will be configured as an OES 
server. 


If you selected any of the supported OES services, you will notice that Novell Remote Manager 
(NRM) is also selected. Click the green checkmark by NRM to change it to a red taboo symbol 
and prevent NRM from being installed. NRM is not a supported OES service on a Xen VM 
host server. 


In the Primary Functions category, select Xen Virtual Machine Host Server. 


Because you want the host server optimized to manage your virtual machines, do not choose 
any additional primary functions. Other services should be installed on an OES or SLES 10 
VM guest server or physical server. 


6 In the Primary Functions category, deselect Print Server by clicking the option twice. 


On the Configured LDAP Servers page, specify the tree name, admin name, and password for 
the eDirectory tree into which you are installing the host server. 





IMPORTANT: If you didn’t select any OES services, the Novell Open Enterprise Server 
Configuration page appears instead. In that case, the Configured LDAP Servers page is 
accessible via the LDAP Configuration for Open Enterprise Services link. 





Click Add and specify the IP address of a server in the tree that has eDirectory installed on it, 
then click Next. 


On the Novell Open Enterprise Server Configuration page, click Next. 
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10 When you reach the User Authentication Method page, do not change the Authentication 
Method. 


11 On the New Local User page, do not create a local user. 


12 After the server boots, make sure the GRUB boot loader is set to run the Xen kernel by doing 
the following: 


12a On the desktop, click Computer > YaST. 
12b In YaST click System > Boot Loader. 


12c Make sure there is a check mark by the XEN label. If a different option is checked, select 
XEN and click the Set as Default button. 


12d Click Finish. 
12e Close YaST and restart the server. 


The server is now prepared to function as a Xen VM host server. 
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Installing, Upgrading, or Updating 
OES on a Xen-based VM 


In Novell® Open Enterprise Server (OES) 2 SP2, you can install OES 2 SP2 as a guest operating 
system ona 


+ 


SUSE® Linux Enterprise Server (SLES) 10 Linux server 


See “Setting Up a Virtual Machine Host” (http://www.novell.com/documentation/sles10/ 
book_virtualization_xen/data/cha_xen_virtualization_vhost_setup.html) in the Virtualization 
with Xen (http://www.novell.com/documentation/sles10/book_virtualization_xen/data/ 
book_virtualization_xen.html)guide. 

or 

OES 2 SP2 server that has been set up as a Xen-based host server 

See Chapter 9, “Installing OES as a Xen VM Host Server,” on page 177. 


For general information on the Xen virtualization technology in SLES 10 SP3, see the Virtualization 
with Xen (http://www.novell.com/documentation/sles10/book_virtualization_xen/data/ 
book_virtualization_xen.html)guide. 


This section documents the system requirements, installation instructions, upgrade and migration 
instructions, and issues associated with setting up OES 2 on a Xen-based virtual machine. 


+ 


+ 


+ 


+ 


+ 


Section 10.1, “System Requirements,” on page 179 

Section 10.2, “Prerequisites,” on page 181 

Section 10.3, “Preparing the Installation Software,” on page 181 

Section 10.4, “Installing an OES 2 SP2 VM Guest,” on page 182 

Section 10.5, “Upgrading an OES 2 VM Guest to OES 2 SP2,” on page 186 
Section 10.6, “Updating an OES 2 SP2 VM Guest,” on page 191 

Section 10.7, “Managing a Virtual Machine Running OES 2 SP2,” on page 191 
Section 10.8, “Advanced Configuration Options,” on page 191 


10.1 System Requirements 


To create an OES 2 SP2 VM guest, you need a SLES 10 SP3 or OES 2 SP2 server that is set up as a 
Xen VM host server. 


+ 


+ 


+ 


Section 10.1.1, “OES 2 SP2 VM Host Considerations,” on page 180 
Section 10.1.2, “NSS Considerations,” on page 180 
Section 10.1.3, “Setup Instructions,” on page 180 
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10.1.1 OES 2 SP2 VM Host Considerations 


| When setting up a virtual machine host for OES 2 SP2 VM guests, ensure that the host server has the 
following: 


¢ Time synchronization: Set the server’s time configuration to the same reliable, external 
time source as the eDirectory™ tree that the virtual machines on that host will be joining. 


To set the time source, use Yast > Network Services > NTP Time Configuration. 
The time source can be running NTP or Timesync. 


* RAM: Enough memory to support each virtual machine that you want to run concurrently 
on the host server. 


For example, if you are installing one OES 2 SP2 virtual machine, you need a minimum of 
1 GB of memory (512 MB for the host plus 512 MB for the OES 2 Linux VM). 


If you are installing two virtual machines, and the first VM guest’s services need 1 GB 
while the second guest’s need 1.5 GB, you need 2.5 GB for the VM guests and 512 MB 
for the host—a total of 3 GB. 


* Disk Space: Enough disk space on the host for creating and running your VM guests. 


The default disk space required for an OES 2 SP2 VM guest is 4 GB and the default 
allocation for each VM guest in Xen is 10 GB, leaving approximately 6 GB for data files, 
etc. The space you need is dependent on what you plan to use the virtual server for and 
what other virtual storage devices, such as NSS volumes, that you plan to attach to it. 


10.1.2 NSS Considerations 


If you want to set up Novell Storage Services (NSS) on the virtual machine, note the following: 
+ NSS can recognize physical, logical, or virtual devices up to 2 TB in size (where 1 TB = 2E40 
bytes = 1,099,511,627,776 bytes). 


¢ Ina virtual environment, the devices that you want to use for the NSS file system on the guest 
operating system cannot exceed the 2 TB limit, even if the host operating system and guest 
operating system can handle larger devices. 


For information, see “Device Size Limit” in the OES 2 SP2: NSS File System Administration 
Guide. 


10.1.3 Setup Instructions 


As mentioned in Chapter 10, “Installing, Upgrading, or Updating OES on a Xen-based VM,” on 
page 179, you can use either an SLES 10 SP3 server or an OES 2 SP2 server as your VM host 
server. 


For setup procedures, see 


+ SLES 10 SP3: “Setting Up a Virtual Machine Host” (http://www.novell.com/documentation/ 
sles10/book_virtualization_xen/data/cha_xen_virtualization_vhost_setup.html) in the 
Virtualization with Xen (http://www.novell.com/documentation/sles10/ 
book virtualization xen/data/book_virtualization xen.html) guide. 
or 


* OES2 SP2: “Chapter 9, “Installing OES as a Xen VM Host Server,” on page 177.” 


180 OES 2 SP2: Installation Guide 


10.2 Prerequisites 


Before creating an OES 2 SP2 virtual machine, you need the following: 


+ Ifyou want to use AutoYaST to specify the Installation settings, create an AutoYaST profile 
(control) file and download it to a directory on the host machine server or make it available on 
the network. 


¢ A static IP address for each virtual server that you want to create. 


10.3 Preparing the Installation Software 


¢ Section 10.3.1, “Downloading the Installation Software,” on page 181 


¢ Section 10.3.2, “Preparing the Installation Source Files,” on page 181 


10.3.1 Downloading the Installation Software 


For information on downloading the following ISO image files, see the Novell Open Enterprise 
Server 2 Download Instructions (http://www.novell.com/documentation/oes2/esd/di_oes2.html). 


Table 10-1 OES ISO Images and CD Labels for i386 (32-Bit Installations) 


ISO Image File CD Label 


OES2-SP2-i386-CD1.iso Novell Open Enterprise Server 2 SP2 CD 1 





SLES-10-SP3-DVD-i386-GM-DVD1.iso SuSE Linux Enterprise Server 10 SP3 DVD 








Table 10-2 OES ISO Images and CD Labels for x86_64 (64-Bit Installations) 











ISO Image File CD Label 

0ES2-SP2-x86_64-CD1l.iso Novell Open Enterprise Server 2 SP2 CD 1 
SLES-10-SP3-DVD-x86_64-GM- SuSE Linux Enterprise Server 10 SP3 DVD 
DVD1.iso 





10.3.2 Preparing the Installation Source Files 


To create an OES 2 SP2 VM guest, you must make the installation software available in one of the 
following locations: 


* A Local Installation Source: The 32-bit (Table 10-1) or 64-bit (Table 10-2) ISO files copied 
to the host server’s local drives. 


or 


+ A Network Installation Source: The 32-bit (Table 10-1) or 64-bit (Table 10-2) ISO files used 
to create a network installation source. For instructions, see “Setting Up the Server Holding the 
Installation Sources” in the SUSE Linux Enterprise Server 10 Installation and Administration 
Guide (http://www.novell.com/documentation/sles10/book_sle_reference/data/ 
sec_deployment_remoteinst_instserver.html). 
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10.4 Installing an OES 2 SP2 VM Guest 


Creating an OES 2 SP2 virtual machine requires you to complete the following major tasks. 


¢ Section 10.4.1, “Specifying Options for Creating an OES 2 SP2 VM Guest,” on page 182 
* Section 10.4.2, “Specifying the Installation Mode,” on page 185 

* Section 10.4.3, “Specifying the Add-On Product Installation Information,” on page 185 

¢ Section 10.4.4, “Completing the OES 2 SP2 VM Guest Installation,” on page 186 


10.4.1 Specifying Options for Creating an OES 2 SP2 VM Guest 


The Create Virtual Machine Wizard helps you through the steps required to create a VM guest and 
install the desired operating system. 
1 Launch the Create Virtual Machine Wizard by using one of the following methods: 


* From the virtualization host server desktop, click YaST > Virtualization > Create Virtual 
Machines 


¢ From within Virtual Machine Manager, click New. 
+ At the command line, enter vm-install. 


If the wizard does not appear or the vm-install command does not work, review the process 
of installing and starting the virtualization host server. The virtualization software might not be 
installed properly. 


2 After specifying that you want to create a virtual machine, click Forward. 
3 Click Forward. 


The option to set up a virtual machine based on an existing disk or disk image is only supported 
if the existing disk or disk image was originally set up through the Create Virtual Machine 
Wizard. 


4 On the Type of Operating System page, select Novell Open Enterprise Server 2 (Linux), then 
click Forward. 


The Summary page appears. 
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Create a Virtual Machine 


Click any headline to make changes. When the 
settings are comect, click OK to create the VM 


Virtualization Method 


Paravirtualized 


Name of Virtual Machine 


oes2l 


Hardware 
Initial Memory: 512 MB 
Maximum Memory: 1048576 MB 
Virtual Processors: 1 


Graphics 


Paravirtualized Graphics Adapter 


Disks 
1: 10.0 GB Hard Disk (/var/lib/xen/images/oes2Vdisk0) 


Network Adapters 
1: Paravirtualized; Randomly generated MAC address 


Operating System Installation 
Operating System: Novell Open Enterprise Server 2 (Linux) 
Installation Source: 
Automated Installation: 
Additional Arguments: 





| X aiil |Q Pa 











NOTE: Detailed explanations of the Summary page settings are available in “Virtualization: 
Configuration Options and Settings (http://www.novell.com/documentation/sles10/ 
book_virtualization_xen/data/cha_xen_config_options.html)”in the Virtualization with Xen 
(http://www.novell.com/documentation/sles10/book_virtualization_xen/data/ 
book_virtualization_xen.html) guide. 





Click Name of Virtual Machine. 
5a specify a name for the virtual machine in the Name field, then click Apply. 


For example, you might specify hostname_vm, where hostname is the DNS name of the 
server you are installing in the VM. 


Click Hardware. 


6a Specify the amount of initial and maximum memory for the virtual machine to consume 
from the available memory. The initial memory should not be less than 1024 MB. 


6b Specify the number of processors that you want the virtual machine to use. 
6c Click Apply. 


If you want to change the graphics adapter settings, click Graphics and select the type of 
graphic support desired, then click Apply. 

Click Disks. 

The Virtual Disk dialog lets you create the virtual disks that the OES 2 SP2 VM guest will have 


access to. This includes the installation media if you are installing from downloaded SLES and 
OES ISO image files. 
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Initially, a 10 GB file is specified for the partitions/volumes on the virtual server. The default 
location of the file is /var/lib/xen/images. 


By default, this is a sparse file, meaning that although 10 GB is allocated, the size of the file on 
the disk will only be as large as the actual data it contains. Sparse files conserve disk space, but 
they have a negative impact on performance. 


The OES 2 SP2 installation guidelines recommend 10 GB for a server installation. Keep in 
mind, however, that you are defining the total local disk size for the server. You should allocate 
as much local space as you anticipate the server needing for data and other files after it is 
hosting user services. 


8a Specify the hard disk space you want to be available to the virtual machine. 
8b Click Apply. 


9 Ifyou are installing SLES 10 SP3 from a downloaded ISO image file, click CD-ROM, browse 
to the SLES 10 SP3 image file, then click Open > OK > Apply. 


10 Ifyou are installing OES 2 SP2 from a downloaded ISO image file, click CD-ROM, browse to 
the OES 2 SP2 image file, then click Open > OK > Apply. 


11 Ifyou want to change the network adapter settings, click Network Adapters, view the default 
setting, edit the default settings, or click New and specify the setting for another network board 
of your choice, then click Apply. 


12 Click Operating System: 


12a If you are installing from a downloaded ISO image, make sure that the SLES 10 SP3 
image is specified as the Virtual Disk installation source. 


12b If you are installing from a network installation source, specify the URL for the SLES 10 
SP1 network installation source. 


You specify a network installation source for OES 2 SP2 during the install. 


12c If you are using an AutoYaST control file to specify the settings for a virtual machine 
operating system, specify the path to the file in the Auto YaST File field or click the Find 
button to the right of the field to locate the file on the local host server. 


12d If needed, use the Additional Arguments field to specify additional install or boot 
parameters to assist the installation. 


For example, if you wanted to specify the parameters for an IP address of 192.35.1.10, a 
netmask of 255.255.255.0, a gateway of 192.35.1.254 for the virtual server, and use ssh to 
access the installation from another workstation, you could enter the following parameters 
in the Additional Argument field: 


hostip=192.35.1.10 netmask=255.255.255.0 gateway=192.35.1.254 usessh=1 
sshpassword=password 


12e Click Apply. 
13 Click OK to start the virtual machine and launch the operating system installation program. 
14 Continue with Section 10.4.2, “Specifying the Installation Mode,” on page 185. 
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10.4.2 Specifying the Installation Mode 


When selecting the type of installation, select New Installation. 


1 When the Installation Mode screen displays, select the following menu options, then click 
Next: 
1. New Installation 


2. Include Add-On Products from Separate Media 





Preparation 

V Language 

¥ License Agreement 
= System Analysis 

@ Time Zone 


ie Installation Mode 





Installation 
@ Installation Summary 
® Perform Installation 


Configuration 
@ Root Password 
@ Hostname 


Select Mode 
© New Installation 





® Network 


® Customer Center 
e Online Update 
® Service 








X| Include Add-On Products from Separate Media 











Help Back Abort TE 


2 Continue with Section 10.4.3, “Specifying the Add-On Product Installation Information,” on 
page 185. 


10.4.3 Specifying the Add-On Product Installation Information 


When the Add-On Product Installation page displays: 


1 Click Add. 
2 Ifyouare installing OES 2 from an ISO image file, do the following: 
2a In the Add-On Product Media dialog, click Specify URL, then click Next. 
2b In the URL field type 
hd:///?device=/dev/xvdc/ 
2c Click OK. 
2d Skip to Step 4. 


3 Ifyou are installing from a network installation source, click the appropriate protocol for your 
situation, then click Next and supply the required information. 


4 Read and accept the Novell Open Enterprise Server 2 license agreement, then click Next. 
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5 Confirm that the Add-On Product Installation page shows the correct path to the OES media, 
then click Next. 


6 Continue with “Completing the OES 2 SP2 VM Guest Installation.” 


10.4.4 Completing the OES 2 SP2 VM Guest Installation 


1 Follow the on-screen prompts, using the information contained in the following sections: 
1a Section 3.3.4, “Setting Up the Clock and Time Zone,” on page 48. 


1b Section 3.3.5, “Specifying the Installation Settings for the SLES Base and OES 
Installation,” on page 48. 


1c Section 3.3.6, “Specifying Configuration Information,” on page 54. 


During the configuration portion of the installation, you might see additional prompts 
concerning hardware detection of the network cards, DSL, PPPoE DSL, ISDN cards, and 
modems. 


When specifying the time source during the eDirectory configuration, use the same time 
source as the eDirectory tree you are installing the server into. 


After the installation, enable the virtual machine’s Independent Wall Clock setting and 
reboot the virtual machine so it can synchronize its time correctly. For more information 
on this configuration issue, “Virtual Machine Clock Settings (http://www.novell.com/ 
documentation/sles10/book_virtualization xen/data/sec_guest suse.html#sec_xen time) 
in the Virtualization with Xen (http://www.novell.com/documentation/sles10/ 

| book_virtualization_xen/data/book_virtualization_xen.html) guide. 
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1d Section 3.4, “Finishing the Installation,” on page 71. 


During the hardware configuration, graphics and sound cards are not recognized when 
installing OES 2 SP2 as a VM guest. 


2 Complete the server setup by following the procedures in “Chapter 6, “Completing OES 
Installation or Upgrade Tasks,” on page 145.” 


10.5 Upgrading an OES 2 VM Guest to OES 2 
SP2 


¢ Section 10.5.1, “Upgrading an OES 2 VM Guest using the Update Channel,” on page 186 
* Section 10.5.2, “Performing a Down-Server Upgrade,” on page 186 


10.5.1 Upgrading an OES 2 VM Guest using the Update 
Channel 
Patching or updating an OES 2 SP2 VM guest is essentially the same as updating an OES 2 SP2 


physical server. For instructions on updating a physical OES 2 SP2 server, see Section 5.4.5, 
“Upgrading Using the Patch Channel (Online),” on page 122. 


10.5.2 Performing a Down-Server Upgrade 





NOTE: The upgrade process using a network location or an ISO file is quite lengthy. Physical 
media upgrades are not supported. 
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If your guest VMs have access to a patch channel, we recommend that you upgrade using the patch 
channel. See Section 5.4.5, “Upgrading Using the Patch Channel (Online),” on page 122. 





Performing a down-server upgrade on an OES 2 VM guest is similar in many ways to upgrading a 
physical machine, but there are important differences as outlined in the following sections: 

* “Before You Start the Upgrade Process” on page 187 

* “A Brief Overview of the Upgrade Process” on page 187 

* “Creating a Temporary Upgrade Directory on the VM Host” on page 188 

+ “(Conditional) Creating a Directory and Copying the ISO Files to the VM Host” on page 188 

* “Checking the Kernel Type” on page 188 

¢ “Shutting Down and Preparing the VM Guest” on page 188 

* “Copying the Boot Files and Preparing the VM Guest Configuration Files” on page 189 

* “Starting the Upgrade” on page 190 

+ “Resuming and Completing the Upgrade” on page 191 


Before You Start the Upgrade Process 


1 Make sure you follow all of the applicable instructions and guidelines in Section 5.2, “Planning 
for the Upgrade to OES 2 SP2,” on page 114 and Section 5.3, “Meeting the Upgrade 
Requirements,” on page 115. 


A Brief Overview of the Upgrade Process 


When you perform a down-server upgrade on a physical server to OES 2 SP2, you must first shut 
down the server and then reboot it using the installation kernel and initial RAM disk (initrd) files on 
the SLES 10 SP3 installation media. This is accomplished by booting the server using a SLES CD or 
DVD, an ISO image file, or by accessing a SLES installation image on the network, for example, 
through a PXE or other remote connection. 


Upgrading a VM guest also requires that you shut it down. However, when a Xen VM guest reboots, 
it doesn’t scan the local storage devices or attempt a PXE connection. Rather, it uses its 
configuration information to locate the kernel and other needed files on the host’s file system. The 
only way to affect the boot process of a VM guest is to modify its configuration. 


Therefore, to upgrade a Xen VM guest, you must do the following as explained in the sections that 
follow. 


1. Copy the installation/upgrade kernel and initial RAM disk (initrd) files to the VM host’s file 
system to be accessed through the modified configuration file, explained in the next point. 
2. Create two copies of the VM guest configuration: 


* A Modified Version: You use this to start the upgrade process and run the first portion of 
the process. 


* An Unmodified Version: You use this to restore the guest’s operating environment for 
the second portion of the upgrade process. 


3. Remove the VM guest’s configuration information from the Xen database so that it can boot 
using configuration files you create above. 
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Creating a Temporary Upgrade Directory on the VM Host 


As explained in the overview above, the kernel and other files needed to run the upgrade must be 
accessible on the VM host’s file system. 
1 Create a directory on the VM host server for 
¢ The installation kernel 
¢ The initial RAM disk (initrd) file 
¢ The configuration files that you need during the upgrade process. 


The instructions that follow assume the directory is /tmp/upgrade, but you can use a different 
directory if you prefer. 


(Conditional) Creating a Directory and Copying the ISO Files to the VM Host 
If you plan to install from ISO image files on the VM host, do the following: 


1 Create a directory for the files on your VM host server. 


Because the images need to be available for future maintenance operations, they should be kept 
in a permanent location so that YaST knows where to find them. 


2 Copy the ISO image files for your platform type. 


Refer to the information on obtaining OES software in “Getting and Preparing OES 2 
Software” in the OES 2 SP2: Planning and Implementation Guide. 


Checking the Kernel Type 


If you are upgrading a 32-bit VM guest, and you don’t know whether it uses the non-PAE or PAE 
kernel, do the following: 
1 Open a terminal on the VM guest. 
2 Enter the following command: 
uname -r 
3 Note whether the kernel name ends in 
¢ xen: Indicates the non-PAE kernel. 
or 
* xenpae: Indicates the PAE kernel. 


This determines which version of the kernel you must copy to the temporary upgrade directory. 


Shutting Down and Preparing the VM Guest 
1 On the VM host server, open Virtual Machine Manager, right-click the OES 2 guest server you 
are upgrading, and select Shutdown. 


2 Ifyou are upgrading using ISO image files, in Virtual Machine Manager click View > Details > 
Hardware > Add > Storage Device, browse to and select the SLES 10 SP3 ISO file. 


3 Browse to and select the OES 2 SP2 ISO file. 
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Copying the Boot Files and Preparing the VM Guest Configuration Files 


1 Copy the installation kernel and initrd files from your SLES 10 SP3 installation source > the / 
boot /i386 or /boot/x86_ 64 directory (depending on which architectural version you are 
upgrading) to the temporary directory you created in Step 1 on page 188. 


If you are upgrading a 64-bit VM guest installation, the files are named vmlinuz-xen and 
initrd-xen. 


If you are upgrading a 32-bit VM guest installation, choose the files that are appropriate for 
your hypervisor as determined in “Checking the Kernel Type” on page 188: 


* vmlinuz-xen and initrd-xen 
or 
* vmlinuz-xenpae and initrd-xenpae 
2 Capture the VM guest’s configuration in a file that you can modify to start the upgrade process. 
At a terminal prompt, enter the following command: 
xm list -1 vm name>/path/to/modify config file.sxp 


where vm_name is the name of the VM guest that you are upgrading as listed in the Virtual 
Machine Manager, and the path points to your temporary directory created in Step 1 on 
page 188 and specifies a filename that indicates it is modified for starting the upgrade process. 


For example, you might type 
xm list -1 myserver vm > /tmp/upgrade/modify myserver vm.sxp 


3 Before modifying the configuration file you just created, change to the directory containing the 
file and make a copy of it to preserve the unmodified configuration by using the following 
commands: 


cd /path/to/upgrade directory 


cp modify_config_file.sxp unmodified_config_file.sxp 


where modify_config_file.sxp is the name the configuration file you specified in Step 2 and 
unmodified_config_file.sxp is the name of the new file you will use to restore the VM guest’s 
original configuration for the second phase of the upgrade process. 


For example, you might type 
cd /tmp/upgrade 
cp modify myserver vm.sxp unmodified myserver _vm.sxp 


4 Verify that both of the configuration files are in your upgrade directory and then remove the 
VM guest’s configuration from the Xen VM database using the following command: 


xm delete vm name 

where vm name is the name of the VM guest that you are upgrading. 
For example, you might type 

xm delete myserver vm 

The VM guest no longer appears in Virtual Machine Manager. 


5 Using a text editor, open the configuration file to be modified that you created in Step 2 and 
change it as follows: 


5a Remove the line that begins with (bootloader args .... 
5b Change the line that reads 


Installing, Upgrading, or Updating OES on a Xen-based VM 189 


(on_reboot restart) 

to 

(on_reboot destroy) 
5c Remove the line that contains 

(bootloader /usr/lib/xen/boot/domUloader.py). 
5d Find the following indented lines: 

(image 

(linux 
(kernel ...) 


5e In the kernel line, before the closing parenthesis “)’, modify the listed path (or insert a 
path if none is present) to point to the vmlinuz-xen or vmlinuz-xenpae file copied in 
Step 1. 


For example, modify the kernel line so that it reads: 
(kernel /tmp/upgrade/vmlinuz-xen) 

or 

(kernel /tmp/upgrade/vmlinuz-xenpae) 


5f Insert a ramdisk line below the kernel line (or if a ramdisk line already exists, modify it) to 
point to the initrd file you copied in Step 1. 


For example, insert or modify the line so that it reads: 
(ramdisk /tmp/upgrade/initrd-xen) 

or 

(ramdisk /tmp/upgrade/initrd-xenpae) 


5g In the args line, between the single quotes (‘ ‘) insert the path to your SLES 10 SP3 
installation source. 


For example, if you are upgrading a 64-bit installation from the network, you might 
modify the args line so that it reads: 


(args ‘install=http://myserver.mycompany.com/slesl0-sp2/x86 64’) 


Or if you are upgrading a 64-bit installation from ISO files, you might modify the args line 
so that it reads: 


(args ‘install=hd:///?device=/dev/xvdx’ ) 
where x=the letter assigned to the SLES 10 SP3 ISO image file, for example .../xvdc. 


5h Save the upgrade configuration file, then continue with the next section. 


Starting the Upgrade 


1 Onthe VM host server at a terminal prompt, enter the following command: 
xm create -F /path/to/modify config file.sxp 
For example, you might enter 
xm create -F /tmp/upgrade/modify myserver vm.sxp 
The VM guest appears again in Virtual Machine Manager. 
2 Open the VM guest, then select the language and accept the SLES 10 SP3 license agreement. 
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3 Complete the first phase of the upgrade process by following the standard upgrade instructions, 
starting with Section 5.4.6, “Selecting the Installation Mode Options,” on page 124. 





IMPORTANT: Remember that you must specify the location URL for the OES 2 SP2 
installation files, either using a network protocol, such as HTTP:// or using the device path 
assigned to the OES ISO, for example hd:///?device=/dev/xvdd. 





Resuming and Completing the Upgrade 


1 After you complete the instructions in Section 5.4.11, “Accepting the Installation Settings,” on 
page 132, the server doesn’t reboot automatically and the VM guest disappears from Virtual 
Machine Manager. 


You must recreate the VM guest again to continue the upgrade process and complete the second 
phase. Enter the following command at the terminal prompt: 


xm new -F /path/to/unmodified_config file.sxp 
For example, you might enter 
xm new -F /tmp/upgrade/unmodified myserver vm.sxp 
2 Open the VM guest and follow the standard upgrade instructions to completion, starting with 


Section 5.4.12, “Specifying Configuration Information,” on page 133. 


When the upgrade process is complete, you can remove the upgrade directory that you created in 
Step 1 on page 188. 


10.6 Updating an OES 2 SP2 VM Guest 


Patching or updating an OES 2 SP2 VM guest is essentially the same as updating an OES 2 SP2 
physical server. For instructions on updating a physical OES 2 SP2 server, see Chapter 7, “Updating 
(Patching) an OES 2 SP2 Server,” on page 149. 


10.7 Managing a Virtual Machine Running OES 2 
SP2 


Managing a virtual machine running OES 2 SP2 is the same as managing virtual machines running 
other operating systems. For procedures, see “Managing a Virtualization Environment (http:// 
www.novell.com/documentation/sles10/book_virtualization_xen/data/ 

cha xen virtualization manage.html)” in the Virtualization with Xen (http://www.novell.com/ 
documentation/sles10/book virtualization xen/data/book virtualization xen.html) guide. 


10.8 Advanced Configuration Options 


This section includes advanced configuration options that you need to set up these services on an 
OES 2 SP2 VM guest. 


* Section 10.8.1, “Setting Up an OES 2 SP2 VM Guest to Use Novell Storage Services (NSS),” 
on page 192 
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10.8.1 Setting Up an OES 2 SP2 VM Guest to Use Novell 
Storage Services (NSS) 


When you install OES 2 SP2 on a virtual machine, we recommend that you configure a virtual 
machine with multiple devices. Use the primary virtual disk as the system device with LVM2 (the 
YaST install default) as the volume manager. After the install, you can assign additional storage 
resources from the host server to the virtual machine. In the guest server environment, the additional 
disks can use LVM2 or EVMS as needed. In this scenario, NSS volumes are created only on 
additional virtual disks, not on the primary virtual disk that you are using for the guest server’s 
system device. 





IMPORTANT: When you create the virtual machine, make sure to configure the size of the primary 
virtual disk according to the amount of space you need for the /boot, swap, and root (/) volumes. 





If you decide to use EVMS for the system device on the virtual machine, follow the install 
instructions in “Section A.2, “Configuring the System Device to Use EVMS,” on page 214,” just as 
you would for a physical machine. 


After the virtual machine is set up, you need to perform additional tasks to set up additional Novell 
Storage Service (NSS) devices. See “Using NSS in a Virtualization Environment” in the OES 2 SP2: 
NSS File System Administration Guide. 
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Installing and Managing NetWare 
on a Xen-based VM 





IMPORTANT: NetWare® 6.5 SP8 has been modified to run in paravirtual mode on a Xen virtual 
machine. Running NetWare in fully virtualized mode on a Xen host server is not supported. 





You can install NetWare as a virtual machine guest (VM guest) operating system on a. 
+ SUSE® Linux Enterprise Server (SLES) 10 Linux server 


See “Setting Up a Virtual Machine Host” (http://www.novell.com/documentation/sles10/ 
book_virtualization_xen/data/cha_xen_virtualization_vhost_setup.html) in the Virtualization 
with Xen (http://www.novell.com/documentation/sles10/book_virtualization_xen/data/ 
book virtualization xen.html)guide. 
or an 
* OES 2 SP2 server that has been set up as a Xen-based host server 

See “Chapter 9, “Installing OES as a Xen VM Host Server,” on page 177” in the . 

For general information on the Xen virtualization technology in SLES 10 SP3, see the Virtualization 


with Xen (http://www.novell.com/documentation/sles10/book_virtualization_xen/data/ 
book_virtualization_xen.html)guide. 


This section documents the system requirements, installation instructions, upgrade and migration 
instructions, and issues associated with setting up NetWare on a Xen-based virtual machine. 

¢ Section 11.1, “Introduction,” on page 193 

¢ Section 11.2, “Support Information,” on page 194 

¢ Section 11.3, “Preparing to Install a NetWare VM Guest Server,” on page 195 

* Section 11.4, “Installing Virtualized NetWare,” on page 197 

* Section 11.5, “Managing NetWare on a Virtual Machine,” on page 204 

* Section 11.6, “Troubleshooting,” on page 206 


11.1 Introduction 


There are many reasons to install NetWare 6.5 SP8 on virtual machines, such as: 
* Incorporating a NetWare server into a production environment without committing additional 
hardware resources. 


* Isolating Novell iFolder®, iPrint, GroupWise®, or other applications to a single virtual server 
without committing additional hardware resources. 


* Extending the useful life of NetWare services by running them on a Linux host server, thereby 
taking advantage of the widespread industry support for Linux hardware drivers. 
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To simplify the process of installing virtualization software, the SLES 10 SP3 software includes Xen 
Virtual Machine Host Server as a primary server function that you can select when installing SLES 
10 SP3 as a virtualization host server. 


Selecting this pattern installs the Xen host server software, which enables the server to boot the Xen 
version of the SLES 10 SP3 operating system kernel. It also installs utilities for preparing and 
creating virtual machines. 


After the host server is up and running, you can then create a virtual machine and install NetWare 
6.5 SP8 as a guest operating system. 


11.2 Support Information 


¢ Section 11.2.1, “OES 2 Registration Is Required for Support,” on page 194 
* Section 11.2.2, “Supported Configurations and Features,” on page 194 
* Section 11.2.3, “Unsupported Configurations and Features,” on page 194 


11.2.1 OES 2 Registration Is Required for Support 


Although OES 2 NetWare and NetWare 6.5 share the same code base and are the same in every way, 
virtualized NetWare in Xen is an OES 2 product feature. Support for NetWare on a Xen virtual 
machine is available only to OES 2 registered customers. 


11.2.2 Supported Configurations and Features 


The following configurations and features are supported for NetWare VM guest servers. 


* OES 2 NetWare or later running in paravirtual mode. 

¢ The graphical paravirtualized frame buffer and the text-based console interface. 
+ Running on 32-bit, 32-bit PAE, and 64-bit hypervisors. 

* Running in 32-bit PAE compatibility mode on 64-bit platforms. 
* Up to 16 block devices. 

* Up to 32 virtual CPUs. 

¢ The pause and resume functionality. 

* The xm shutdown command. 

* The shutdown command in Virtual Machine Manager. 

+ Allocated memory from 1 GB to 8 GB. 

* VCPU covercommitment, pinning, and capping. 


¢ Installations using a NetWare response file. 


11.2.3 Unsupported Configurations and Features 


The following configurations and features are not supported for NetWare VM guest servers. 


* NetWare in full virtualization mode. 


+ NetWare 6.5 SP6 and earlier running on a virtual machine. 
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+ VCPU hotplug. 

* Network or block device hotplug. 

¢ Virtual memory resizing. 

* Direct access to physical devices. 

* The save, restore, and migrate commands. 


* Some Novell Remote Manager debugging features. 


11.3 Preparing to Install a NetWare VM Guest 
Server 


¢ Section 11.3.1, “Planning for VM Host Servers,” on page 195 

* Section 11.3.2, “Planning for NetWare VM Guest Servers,” on page 196 

¢ Section 11.3.3, “You Must Use Timesync for Time Synchronization,” on page 197 
¢ Section 11.3.4, “Disabling the AIt+Esc Shortcut on the Host,” on page 197 


11.3.1 Planning for VM Host Servers 


* “Meeting Server Hardware and Software Requirements” on page 195 


* “Deciding Whether to Run OES Services on VM Host Servers” on page 196 


Meeting Server Hardware and Software Requirements 
To accommodate NetWare VM guest servers, your VM host servers must: 


O Meet the criteria specified in “Setting Up a Virtual Machine Host” (http://www.novell.com/ 
documentation/sles10/book virtualization xen/data/cha xen virtualization vhost_setup.html) 
in the Virtualization with Xen (http://www.novell.com/documentation/sles10/ 
book virtualization xen/data/book_ virtualization xen.html) guide. 


O Have enough memory (RAM) on the physical machine for 
* The SLES 10 operating system (512 MB) 
* Any of the supported OES services that you install on the VM host (512 MB) 
* Each NetWare virtual machine that you plan to run concurrently (1 GB to 8 GB) 


For example, if you are installing one NetWare VM guest server on a SLES 10 VM host server, 
you need a minimum of 1.5 GB of memory: 512 MB for the VM host server and 1 GB for the 
NetWare VM guest server. For optimal performance, you should allocate as much memory as 

possible for each NetWare VM guest, up to 8GB each. 


O Have enough disk space on the host server for creating and running the VM guest servers. 


The default disk space for a NetWare VM guest server is 10 GB. You might need more or less 
space depending on what you will use the guest server for and what its storage configuration 
will be. You might want to locate your virtual machines on a separate partition or even on a 
separate storage device. For example, you might create a /vm partition on a separate drive 
installed in the server. For additional information, see “Storage Planning” on page 196. 
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Deciding Whether to Run OES Services on VM Host Servers 


You should also decide whether to install OES 2 SP2 and one or more of its supported services on 
your VM host servers. 


To ensure that optimal resources are available to the virtual machines, each VM host server should 
be dedicated to running the Xen virtualization software as much as possible. However, there are 
several good reasons why you might want to choose to install one or more of the supported OES 
services on the host server itself. For more information, see “Why Install OES Services on Your VM 
Host?” in the OES 2 SP2: Planning and Implementation Guide. 


11.3.2 Planning for NetWare VM Guest Servers 


Before creating NetWare virtual machines, you need to plan for the following: 


* “RAM Planning” on page 196 

* “Storage Planning” on page 196 

* “Network Planning” on page 196 

* “eDirectory Planning” on page 197 


RAM Planning 


To ensure the best performance by your NetWare VM guests, you should plan for the optimal RAM 
configuration of each NetWare VM guest server. As a general rule, the more RAM you assign to a 
NetWare guest server (up to 8 GB), the better the server performance will be. For specific planning 
information, see “Optimizing Server Memory” in the OES2 SP1: Server Memory for NetWare 
Administration Guide. 


Storage Planning 


The disk space that you allocate while creating the Xen virtual machines is used by the NetWare VM 
guest for the sys: volume. 


For best performance in a Xen virtual environment, NSS pools and volumes on NetWare should be 
created on virtual devices that are SCSI devices, Fiber Channel devices, or iSCSI devices on the host 
server, or on partitions that are on those types of devices. 


SATA or IDE disks have slower performance because special handling is required when working 
through the Xen driver to ensure data writes are commited to the disk in the order intended before it 
reports back. 


For more information on NSS disk storage, see “Using NSS in a Virtualization Environment” in the 
OES 2 SP2: NSS File System Administration Guide. 


Network Planning 


Each Xen guest VM is assigned one virtualized network card by default. You can create additional 
cards if desired. 


You must obtain one static IP address for each virtualized network card you plan to create on your 
NetWare VM guest servers. OES 2 SP2 does not support dynamically-assigned (DHCP) IP 
addresses. 


196 OES 2 SP2: Installation Guide 


eDirectory Planning 


You can place a NetWare virtual machine in an existing tree or as the first server in a new tree. 
However, the performance of virtualized NetWare doesn’t match a physical NetWare installation. In 
most cases, it is probably preferable to add your NetWare virtual machine to an existing tree located 
on a physical NetWare server, particularly if the tree is large. 


Also, because virtualized servers might be started and stopped more often than they would normally 
be on physical servers, we recommend that the master replica (usually the first server in a tree) be 
placed on a system that is running at all times. For more information about Master Replicas, see 
“Managing Partitions and Replicas” in the Novell eDirectory 8.8 Administration Guide. 


11.3.3 You Must Use Timesync for Time Synchronization 


Because of known issues with Xen and the NTP NLM, you must use Timesync as the time 
synchronization method for NetWare VM guests running on Xen VM hosts. Otherwise, time drift 
causes problems for your NetWare VM guests. 


Keeping accurate time is a cricital function for servers in an eDirectory tree. The reported time must 
be synchronized across the network to provide the expiration dates and time stamps necessary for 
ordering eDirectory events. 


NetWare VM guest servers synchronize time in the same ways that NetWare physical servers do. In 
other words, the clock on the VM host server has no influence on the NetWare VM guest server’s 
time. 


IMPORTANT: To ensure your NetWare VM guest is configured correctly, be sure to follow the 
instructions in “Configuring Time Synchronization” (specifically Step 4) in the NW65 SP8: 
Installation Guide, and configure the NetWare VM guest to get time from the same time source as 
the eDirectory tree it is joining. If the time source specified is an NTP server, be sure to select the 
NTP option next to the source’s DNS name or IP address. This enables Timesync to communicate 
with the NTP time source. 





11.3.4 Disabling the Alt+Esc Shortcut on the Host 


Alt+Esc is used on a NetWare server to switch between console screens, but on SLES 10 it moves 
between open windows. To provide the expected behavior for the virtualized NetWare server, you 
must disable the shortcut for SLES 10. 


1 On the host server as the root user, click Computer > Control Center. 
2 Click Personal > Shortcuts. 


3 Under the Window Management category, click Move between windows immediately, then 
press the Backspace key to disable the shortcut. 


4 Click Close. 
5 Close the Control Center. 


11.4 Installing Virtualized NetWare 


This section provides the instructions for installing NetWare 6.5 SP8 as a guest OS. 


¢ Section 11.4.1, “Preparing the Installation Media,” on page 198 
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¢ Section 11.4.2, “Creating a Response File for an Unattended NetWare Installation,” on 
page 198 


* Section 11.4.3, “Creating a Xen Virtual Machine and Installing a NetWare VM Guest Server,” 
on page 200 


11.4.1 Preparing the Installation Media 


You must use the DVD installation files to install a NetWare VM guest on a Xen VM host server. 
(Xen on SLES 10 doesn’t support CD swapping.) 


The installation media must appear as a local disk to the virtual machine, but it can be physically 
located in either of the following locations: 

¢ Ona DVD in the host’s physical DVD reader. 

+ As the DVD ISO image file copied to the Xen VM host server desktop. 


The following steps are for downloading to the VM host server’s desktop and can be adapted as 
necessary for the other locations listed above. 


1 Using the Firefox* browser on the VM host server, access the Novell Open Enterprise Server 2 
Downloand Instructions page (http://www.novell.com/documentation/oes2/esd/ 
di_oes2_sp1.html) and download the NW65SP8 OVL_DVD.iso file to the server’s desktop (or 
another arbitrary location of your choosing). 


2 After the file downloads, if you are installing on an OES 2 SP2 VM host server by using a 
response file, continue with Step 3. Otherwise, skip to Section 11.4.3, “Creating a Xen Virtual 
Machine and Installing a NetWare VM Guest Server,” on page 200. 


Click Open in the Firefox download dialog box. 

Sort the list of files by Location by clicking the column heading, then scroll to /LICENSE. 
Select the .NFK and .NLF files, right-click them, and select Extract. 

In the Extract dialog box, click Extract, then close the ISO file and the browser. 





NO Ud fF W 


Double-click the LICENSE folder on the desktop or other arbitrary location that you chose in 
Step 1, select the two files you extracted and drag them to the desktop, then delete the LICENSE 
folder by dragging it to the Trash. 























Continue with the next section. 


11.4.2 Creating a Response File for an Unattended NetWare 
Installation 
OES 2 SP2 includes a YaST-based NetWare Response File Utility that asks you for information 
about the NetWare server you want to install. Basically, you answer the same questions as you 
would during a physical NetWare installation. When the time comes to run the NetWare Install 
program, the installation reads your responses from the file and proceeds without requiring further 
intervention. 

1 Open YaST and click Open Enterprise Server > NetWare Response File Utility. 


2 On the Select Install Type page, make sure the Hardware Type is set for Virtual. Do not change 
any other options. Click Next. 
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Click Destination Address, specify a valid NetWare server name for the virtualized NetWare 
server and the IP address you want the virtualized server to use. 


The IP address must be unique on the subnet just as it would be for a physical NetWare 
installation. 


Click Next. 

Click Destination eDirectory. 

Specify the name of the eDirectory tree and a context for this server object. 

In the Replica Server IP Address field, specify the IP address of the eDirectory server. 

In the User Information section, specify the admin information for the tree, then click Next. 


Click License, specify the eDirectory container where you want the NetWare license files 
stored (usually the Organization object), then click Next. 


Click Protocols. 

Specify the Subnet Mask and Gateway information for the subnet and click Next. 
Click Language, change the language settings if needed, then click Next. 

Click SLP Configuration. 


If your tree has more than three servers, specify the valid SLP information before continuing, 
then click Next. 


Click DNS Configuration, specify the DNS information, then click Next. 
Click Time Zone Configuration, select your time zone options, then click Next. 
Click Time Sync Configuration. 


Leave the protocol set to TimeSync (do not select NTPv3), select Use TIMESYNC Configured 
Sources, and specify the same time synchronization source as your eDirectory server uses, 
select N7P if applicable, then click Next. 


Click Install Settings, change the default settings if needed, add any needed SET parameters by 
clicking Edit, then click Next. 


Click Storage Configuration, adjust the default sizes if desired, then click Next. 


Click Pattern Selection, select the preconfigured server pattern you want installed, then click 
Next. 


If you selected Customized NetWare Server in the previous step, click Product Selection, select 
the services you want installed, and click Next. 


Click NMAS Configuration > Next > Next. 

(Conditional) Depending on what products you selected for the server, click the headings and 
enter the required information until all the configuration options have been completed for the 
response file. 

On the Save Response File page, specify a response filename, then browse to the directory 
where you stored your NetWare license files. (If you completed all of the instructions in 


Section 11.4.1, “Preparing the Installation Media,” on page 198 The field should show a path 
that ends with a forward slash (/). 


If you want the VM Manager to launch automatically after you exit the Response File 
Generator, select Launch VM Manager. 
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IMPORTANT: If the option is not selectable, that means the server isn’t running the Xen 
kernel. See Section 11.6.1, “WM Manager Doesn’t Launch on a Xen VM Host Server,” on 
page 206. 





27 Specify the location of the Installation Source by browsing to the DVD . iso file that you 
copied to the local server, then click Finish. 


28 Click Next. 
29 If you chose to automatically launch VM Manager in Step 26 above, click Forward and skip to 


Step 5 on page 202. Otherwise, continue with Section 11.4.3, “Creating a Xen Virtual Machine 
and Installing a NetWare VM Guest Server,” on page 200. 


11.4.3 Creating a Xen Virtual Machine and Installing a NetWare 
VM Guest Server 


Follow these steps to create a Xen VM and install a NetWare VM guest server. 


1 Open YaST, then click Virtualization > Create Virtual Machines. 
2 Read the Create a Virtual Machine welcome page, then click Forward. 


Create a Virtual Machine 


Create a Virtual Machine 


This assistant will guide you through creating a new 
virtual machine (VM). You will be asked for some 
information about the VM you'd like to create, such as: 


e The type of operating system that will run in the new VM 
Whether the VM will be fully virtualized or paravirtualized 


The location of the files necessary to install an 
operating system on the VM, or a disk that 
already has an operating system 


Other characteristics of the VM, such as 
memory, processors, and network adapters. 


For the most current information on Novell VM 
server technology, see http:/www.novell.com 
documentation/technology/vm_server 


| x Cance | | E Forward 





3 Select J need to install an operating system, then click Forward. 


200 OES 2 SP2: Installation Guide 


Create a Virtual Machine 





Install an Operating System? 


If you are creating this VM from scratch, you will need to 
install an operating system. When migrating a physical 
machine to a virtual machine, the disk with the existing 
operating system can often be reused for the VM. 


©) | need to install an operating system. 


| have a disk or disk image with an installed operating system. 











| x Cancel e Back | | E> Forward 





4 Click the triangle by NetWare, select Novell Open Enterprise Server 2 (NetWare), then click 
Forward. 





r "l 
E Create a Virtual Machine = DM 


Type of Operating System | 


Please specify the type of operating system that will run 
within the virtual machine. This defines many defaults, and 
helps decide how to start paravirtualized operating systems. 


Novell Open Enterprise Server 2 (NetWare) 
> Other 





D RedHat 
(vw SUSE 
Novell Open Enterprise Server 2 (Linux) 
SUSE (other) 
SUSE Linux Enterprise Desktop 10 
SUSE Linux Enterprise Server 8 
SUSE Linux Enterprise Server 9 


SUSE Linux Enterprise Server 10 


























The Summary page appears, showing the settings to be used for the virtual machine. 
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Create a Virtual Machine 


Click any headline to make changes. When the 
settings are correct, click OK to create the VM. 


Virtualization Method 
Paravirtualized 


Name of Virtual Machine 
NetWare] 


Hardware 
Initial Memory: 512 MB 
Maximum Memory: 1048576 MB 
Virtual Processors: 1 


Graphics 
Paravirtualized Graphics Adapter 


Disks 
1: 10.0 GB Hard Disk (/var/lib/xen/images/NetWare1/disk0) 


Network Adapters 
1: Paravirtualized; Randomly generated MAC address 


Operating System Installation 
Operating System: Novell Open Enterprise Server 2 (NetWare) 
Installation Source: 
Automated Installation: 
Additional Arguments: 





ona] (Ga) [Dal 








5 Click Name of Virtual Machine. 


Specify the name that you want displayed for this virtual machine in the Virtual Machine 
Manager. 


For example, you might specify hostname vm, where hostname is the host name of the server 
you are installing. 


6 Click Hardware. 


Change the initial memory setting to at least 1024 MB and the maximum setting to as much as 
8GB, depending on the RAM available on your host server. 


Add additional virtual processors if desired. 
7 Click Disks. 


The Virtual Disks dialog box lets you create the virtual disks that the NetWare VM guest will 
have access to. This includes the installation media if you are installing from a DVD on the 
host server or from an ISO image file copied to the host server’s storage devices. 


Initially, a 10 GB file is specified for the partitions/volumes on the virtual server. The default 
location of the file is /var/lib/xen/images. 


By default, this is a sparse file, meaning that although 10 GB is allocated, the size of the file on 
the disk will only be as large as the actual data it contains. Sparse files conserve disk space, but 
they have a negative impact on performance. 
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The NetWare install allocates 500 MB for a DOS partition and 4 GB for the SYS: volume. The 
default disk size of 10 GB leaves about 5.5 GB for other partitions. 


If you want to change the location of the NetWare VMs first virtual hard drive, select the 
default Hard Disk and click Edit. Then modify the path in the Server field to where you want 
the virtual disk located. 


Make sure that you have enough physical disk space on the host server’s hard drive and 
partition specified to accommodate the maximum size of the virtual disk. 


If you want optimal performance, your should deselect the sparse file option. This creates a 
blank file of the selected size when you start the virtual machine installation. 


Click OK. 


If you are installing from a mounted DVD, click CD-ROM, browse to /dev/cdrom or /dev/ 
dvd, then click Open > OK > Apply. 


If you are installing from a downloaded ISO image file, browse to the image file, then click 
Open > OK > Apply. 


If you want multiple virtual network adapters, click Network Adapters. 
Create virtual network adapters for the server. 
The default setting is a single paravirtualized network adapter. 


(Conditional) If you are installing on an OES 2 SP2 VM host and you created a response file 
that you want to use for the NetWare installation, click Operating System Installation and 
complete the following tasks: 


14a Click Find, then browse to and select the file you created in Section 11.4.2, “Creating a 
Response File for an Unattended NetWare Installation,” on page 198. 


14b Click Open > Apply. 


The response file ’s path and filename should be displayed in the Automated Installation 
field on the Summary page. 


When you have the virtual machine settings the way you want them, click OK to proceed with 
the creation of the virtual machine and the installation of the virtual NetWare server. 


A VNC viewer window appears, displaying the progress of the NetWare install program. 
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Create a Virtual Machine 





NetWare] Virtual Machine Console 


Virtual Machine View 


Sélectionner cette ligne pour installer en frangais 
Diese Zeile fiir deutsche Installation auswahlen 
Seleccione esta linea para instalarlo en espafiol 
Selecione esta linha para instalar em Portugués 
Selezionare questa riga per installare in italiano 
Select this line to install in Russian 
































If you specified a response file, the installation uses the information you recorded in the 
response file. If a required parameter is missing in the response file, you are prompted to enter 
the desired values during the installation. 


If you did not specify a response file, you must do the following: 
15a Click inside the installation window to set the mouse pointer. 


The mouse is not used on the first few screens, but you must set it now. Otherwise, the 
mouse and the keyboard might not work as expected when the GUI pages appear. 


15b Enter all of the installation information as you would for a physical NetWare installation. 





IMPORTANT: Do not close the VNC viewer window while the NetWare install program is 
running. Doing so prevents the installation from completing properly. 





11.5 Managing NetWare on a Virtual Machine 


Virtualized NetWare is managed in the same way as if it were running on a physical machine. For 
information about managing your NetWare server, see the OF S2 SP1: Server Operating System for 
NetWare Administration Guide. For additional information about managing NetWare servers in a 
virtualized environment, see “Running OES 2 NetWare in a Virtualized EnvironmentOES2 SP1: 
Server Memory for NetWare Administration Guide” in the same guide. 
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11.5.1 Using the Virtual Machine Manager 


Managing a NetWare virtual machine is simplified by using the Virtual Machine Manager utility, 
which is installed by default when you install the Xen virtualization software. 


To start Virtual Machine Manager, open a terminal prompt and enter virt-manager. 


For more information, see “Managing a Virtualization Environment (http://www.novell.com/ 
documentation/sles10/book_virtualization_xen/data/cha_xen_virtualization_manage.html)” in the 
Virtualization with Xen (http://www.novell.com/documentation/sles10/book_virtualization_xen/ 
data/book_virtualization_xen.html) guide. 


11.5.2 Using the Command Line 


Many NetWare administrators prefer to manage the server by command line. If you want to use the 
command line, you should be aware of issues related to the following: 

* “Terminal Size” on page 205 

* “NetWare Debugger” on page 205 

+ “VNC Viewer” on page 205 


+ “The xm Commands” on page 205 


Terminal Size 


The terminal window might display only 80x24 characters. If you don’t want to scroll to the 
command line, you need to resize the terminal. 


NetWare Debugger 


If pressing Alt+Shift+Shift+Esc doesn’t launch the debugger, you can enter 38 6debug at the 
command line to launch the debugger. 


VNC Viewer 


In the VNC Viewer, pressing F8 displays a pop-up utility menu. Press F8 twice to pass single F8 to 
the remote side. 


The xm Commands 


+ You can also manage the NetWare virtual machine, and all other virtual machines, by using the 
xm command line tools. For more information, see “The xm Command (http:// 
www.novell.com/documentation/sles10/book_virtualization_xen/data/ 
sec_xen_virtualization_xm.html)” in the Virtualization with Xen (http://www.novell.com/ 
documentation/sles10/book_virtualization_xen/data/book_virtualization_xen.html) guide. 


+ To make a break in NetWare from a terminal, enter xm sysrq x c, where x is the domain ID 
and c is any keyboard character. 
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11.6 Troubleshooting 


This section gives you a list of troubleshooting suggestions that can help you resolve some of the 
NetWare® installation issues. 


¢ Section 11.6.1, “VM Manager Doesn’t Launch on a Xen VM Host Server,” on page 206 


11.6.1 VM Manager Doesn’t Launch on a Xen VM Host Server 


If the option to launch the VM Manager for installing a NetWare guest is not available, the most 
likely cause is that the Xen kernel is not running on the Xen VM host server. See The Boot Loader 
Program (http://www.novell.com/documentation/sles10/book_virtualization_xen/data/ 
sec_xen_config bootloader.html) in the Virtualization with Xen (http://www.novell.com/ 
documentation/sles10/book_virtualization_xen/data/book_virtualization_xen.html) guide. 
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Upgrading NetWare on a Xen- 
based VM 


¢ Section 12.1, “Upgrading the VM Host Server,” on page 207 
* Section 12.2, “Upgrading the NetWare VM Guest Server,” on page 207 


12.1 Upgrading the VM Host Server 


Before you upgrade the NetWare VM guest servers on any Xen-based VM host servers, be sure to 
upgrade the host server to either SLES 10 SP3 or OES 2 SP2, as applicable. 


For SLES 10 SP3 upgrade instructions, see the SLES 10 SP3 Installation and Administration Guide 
(http://www.novell.com/documentation/sles 10/book_sle_reference/data/book_sle_reference.html). 


For OES 2 SP2 upgrade instructions, see “Chapter 5, “Upgrading to OES 2 SP2,” on page 113.” 


12.2 Upgrading the NetWare VM Guest Server 


After you have upgraded the Xen VM host server, upgrading a NetWare 6.5 guest on the host server 
is the same as upgrading a physical installation. You accomplish this by installing the Support Pack 
8 (SP8) (which is the same thing as NetWare 6.5 SP8) on the server. 


The only difference with upgrading a NetWare VM guest is the process of providing access to the 
SP8 media. 


If the support pack is unzipped to a location on the Guest, such as the sys: volume, the process of 
installing the support pack is exactly the same as on a physical server. 


If the support pack is unzipped on a DVD or to a location on the host server, you must add the DVD 
or location to the VM guest. Keep in mind that you can only specify a block device, such as a 
mounted DVD or the root of a separately defined partition on the VM host server. You cannot 
specify a directory where you’ve unzipped the support pack files as a block device for the VM guest 
to access. 


12.2.1 Downloading the NetWare SP8 Zip File 


Log into your Novell account and access the NetWare 6.5 SP8 e-Media Kit (URL_goes_here). 
Download the NW65SP8. zip file. 
Extract the Support Pack files contained in the zip file you downloaded. 


kh O N = 


Complete the following step that applies to your situation. 


4a If you have extracted the file so a root-level directory on the VM guest, continue with the 
instructions in “Starting an Upgrade” in the NW65 SP8: Installation Guide. 


4b If you have extracted the file to a partition on the VM host, see the Virtualization with Xen 
(http://www.novell.com/documentation/sles10/xen_admin/data/bookinfo.html) guide for 
information on making a block device available to a VM guest. 
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IMPORTANT: After adding the block device, you will probably need to reboot the 
NetWare VM guest before it will recognize it. 





4c If you have extracted the file to a DVD, continue with Providing Access to a Mounted 
DVD. 


12.2.2 Providing Access to a Mounted DVD 


After downloading the NW65SP8.zip file and extracting it to a DVD, do the following: 


Insert the DVD in the VM host server. 

On the desktop, click Computer > Virtual Machine Manager. 

Select the NetWare VM guest you are upgrading, then click the Details button. 
Click the Hardware tab. 

Click the Add button. 

In the Hardware Type drop-down list, select Storage Device, then click Forward. 
Under Target in the Device Type drop-down list, select Virtual Disk (read only). 
With the Normal Disk Partition option selected, click Browse. 

In the Places column, double-click File System, then double-click the dev folder. 


o O DAN Oo Fk WD = 


-Ú 


Click the dva device file, then click Open. 
Click Forward > Finish. 


You should see a new disk in the Hardware list. 


—_ 
—_ 


= 
N 


In the NetWare VM guest’s Machine Console, open the file browser. 


-à 
o 


If the DVD is listed, write down the volume name listed, then go to “Installing the Support 
Pack” (Step 2) in the NW65 SPS: Installation Guide and complete the instructions there. 


If the DVD is not listed, continue with Step 14. 
14 Shut down and restart the NetWare VM. 


15 After the VM restarts, confirm that the DVD is listed, write down the volume name listed, then 
go to “Installing the Support Pack” (Step 2) in the NW65 SP8: Installation Guide. 
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Disabling OES 2 Services 


Although you can uninstall Novell™ Open Enterprise Server 2 (OES) Linux service RPMs using 
YaST, we do not recommend it because so many modules have interdependencies. Uninstalling 
services can leave the server in an undesirable state. Instead, we recommend disabling the service. 

1 Loginas root and start YaST. 

2 Click System > System Services (Runlevel). 

3 Select Expert Mode. 

4 Select the applicable_service_name, then click Set/Reset > Disable the service. 

5 Repeat Step 4 for each service you want to disable. 

6 Click Finish to exit the YaST Runlevel tool. 





NOTE: YaST does not support removing products that create objects or attributes in eDirectory™. 
You need to use iManager to remove these objects and attributes. For procedures, see “Deleting an 
Object” in the Novell iManager 2.7.3 Administration Guide. 
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Security Considerations 


This section includes issues that you should consider when installing and configuring an Novell® 
Open Enterprise Server 2 (OES) Linux server. 
* Section 14.1, “Password for User Admin Written in Clear Text in control.xml,” on page 211 
* Section 14.2, “Access to the Server During an Installation or Upgrade,” on page 211 
* Section 14.3, “Remote Installations Using VNC,” on page 211 
* Section 14.4, “Improperly Configured LDAP Servers,” on page 211 


14.1 Password for User Admin Written in Clear 
Text in control.xml 
When you create a control.xml file using AutoYast, the eDirectory password for user Admin is 


written in clear text. This password can be read by anyone who has access to the file. Linux 
passwords are stored in the file in a hashed form. 


We recommend controlling access to this file. 


14.2 Access to the Server During an Installation 
or Upgrade 


Because eDirectory passwords are not obfuscated in system memory during the installation or 
upgrade, we recommend not leaving a server unattended during the installation, upgrade, or 
configuration. 


You can use ssh (secure shell) to access the system to perform an installation. However, only 
authorized users can access the installation. 


14.3 Remote Installations Using VNC 


While installing the server, we recommend that you do not use Virtual Network Computing (VNC) 
for remote installation in an untrusted environment. Consider using one of the more secure options 
(for example SSH) as outlined in “Installation Scenarios for Remote Installation” in the SLES 10 
Installation and Administration Guide (http://www.novell.com/documentation/sles10/ 
book_sle_reference/data/sec_deployment_remoteinst_scenario.html). 


14.4 Improperly Configured LDAP Servers 


Issue 1: Improperly configured LDAP servers will allow any user to connect to the server and 
query for information 


eDirectory LDAP server enables NULL BIND by default, but allows it to be disabled on the server. 
To enhance the security of the OES server, disable the NULL bind on the LDAP server port 389. See 
“Configuring LDAP Services for Novell eDirectory” in the Novell eDirectory 8.8 Administration 
Guide. 
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Issue 2: Improperly configured LDAP servers will allow the directory BASE to be set to NULL. 
This allows information to be culled without any prior knowledge of the directory structure. 
Coupled with a NULL BIND, an anonymous user can query your LDAP server using a tool such as 
LdapMiner. 


An eDirectory LDAP server allows the directory BASE to be set to NULL, and there is no way to 
disable it. However, with the NULL BIND disabled, as previously mentioned, the security threat 
posed by this feature is minimized. 


212 OES 2 SP2: Installation Guide 


Installing with EVMS as the 
Volume Manager of the System 
Device 


This section describes how to modify the default partitioning scheme for the system device during 
the install of Novell® Open Enterprise Server 2 (OES) Linux server and Novell Storage Services™ 
(NSS) so that its system device is managed by the Enterprise Volume Management System (EVMS) 
instead of the Linux Volume Manager 2 (LVM2). 





IMPORTANT: For the purpose of this documentation, a system device is any device that contains 
the Linux /boot, swap, or root (/) partitions for your OES 2 server. 





¢ Section A.1, “Using EVMS to Manage the System Device,” on page 213 
* Section A.2, “Configuring the System Device to Use EVMS,” on page 214 
* Section A.3, “Using EVMS to Manage Devices,” on page 219 


A.1 Using EVMS to Manage the System Device 


The Novell Storage Services file system requires that the Enterprise Volume Management System 
(EVMS) be used as the volume manager of devices that contain (or will contain) NSS pools and 
volumes. NSS management tools cannot see devices managed by non-EVMS volume managers, so 
those devices and the space on them are unavailable for creating NSS pools and volumes. EVMS 
also makes it possible to use the full range of services that NSS offers. NSS is not supported or 
tested for non-EVMS volume managers. 





IMPORTANT: NSS management tools require that the devices you use for NSS pools and volumes 
be managed by EVMS. 


For a list of the NSS capabilities that are not available when using a non-EVMS volume manager, 
see “NSS Limitations for Non-EVMS Volume Managers” in the OES 2 SP2: NSS File System 
Administration Guide. 





SUSE® Linux Enterprise Server 10 supports LVM2 and EVMS as volume managers; however, a 
given device can be managed by only one volume manager at a time. LVM2 is the default volume 
manager for SUSE Linux. During the install, the YaST Installation Settings page automatically 
recommends a partitioning scheme that uses LVM2 as the volume manager of the primary device 
and that allocates the entire disk for the Linux system partitions and POSIX file systems. 


This default partitioning scheme creates two problems for administrators who want to use NSS 
pools and volumes on the same device as the system partitions. 


+ NSS management tools cannot see devices that are managed by LVM2. Therefore, any 
unpartitioned free space on the system device is not available to be used for NSS pools and 
volumes. 


+ The default LVM partitioning scheme allocates the entire device for Linux POSIX file systems, 
so there is no free space available to be used later. 
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Possible workarounds for these problems are: 


* (Recommended) Use Additional Disks for NSS Pools and Volumes: Use multiple devices 
on the server, and reserve the system device for system partitions and Linux POSIX file 
systems. Create NSS pools and volumes on the non-system disks only. 


This solution does not require that the system device be managed by EVMS. During the install, 
use LVM2 as the volume manager for the system device. Do not partition or configure the non- 
system devices during the install. Otherwise, follow the install procedures described elsewhere 
in this guide. Any free space on the LVM2-managed system device is not seen by NSS 
management tools and is not available for creating NSS pools. 


After the install, you can create NSS pools or Linux POSIX file systems on other EVMS- 
managed devices. 


* (Supported) Modify the Partitioning Scheme During Install: At install time, modify the 
partitioning scheme for the system device to use EVMS and to leave unpartitioned free space 
available on the device that can be used later for NSS pools. 





NOTE: This option applies to physical machines. With virtual machines, you can easily add a 
second virtual disk to use for NSS pools and volumes. 





Beginning in OES 2 SP2, the Partitioner in the YaST Install offers the Create EVMS Based 
Proposal option. Follow the procedure in Section A.2, “Configuring the System Device to Use 
EVMS,” on page 214. 


After the install, you can create NSS pools or Linux POSIX file systems on the system device 
and on any additional disks. For information about creating NSS and Linux POSIX file systems 
on EVMS-managed devices, see Section A.3, “Using EVMS to Manage Devices,” on 

page 219. 


A.2 Configuring the System Device to Use EVMS 


Beginning in OES 2 SP2, the Partitioner in the YaST Install offers the Create EVMS Based Proposal 
option. For unpartitioned devices over 20 GB in size, this option creates a boot partition and a 
system partition for the container that holds the swap and / (root) volumes. 


* Section A.2.1, “Understanding the EVMS Based Partitioning Scheme,” on page 214 


¢ Section A.2.2, “Prerequisites,” on page 215 
* Section A.2.3, “Modifying the Installation Settings,” on page 215 


A.2.1 Understanding the EVMS Based Partitioning Scheme 


Using EVMS to manage the system device allows you to later add NSS pools and volumes on any 
unpartitioned free space on it. You must modify the partitioning scheme to use EVMS during the 
install. It is not possible to change the volume manager for the system device after the install. 


Beginning in OES 2 SP2, the Partitioner in the YaST Install offers the Create EVMS Based Proposal 
option to automatically create an EVMS solution for the system device. For unpartitioned devices 
over 20 GB in size, this option creates a boot partition and a container for the swap and / (root) 
volumes in up to the first 20 GB, and leaves the remainder of the space on the device as 
unpartitioned free space. 
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Table A-1 shows the default proposed setup for a machine with 768 MB RAM. The default swap 
size is | GB or larger, depending on the size of the RAM on your machine. The remainder of the 
device is left as unpartitioned free space. 


Table A-1 Default EVMS Proposal for Devices over 20 GB in Size 














Device Size Type Mount Point 
/dev/sdal 70.5 MB Ext2 /boot 
/dev/sda2 14.9 GB Linux LVM 
/dev/evms/lvm2/system 14.9 GB EVMS Ivm2/system 
/dev/evms/lvm2/system/root 10.0 GB EVMS / 
/dev/evms/lvm2/system/swap 1.1 GB EVMS swap 


A.2.2 Prerequisites 


This setup assumes that you have a single device in your physical server and you want to add NSS 
pools and volumes on the device after the install. 


* The device is unpartitioned. 


If the device has existing partitions, you can remove them all or specify which ones to keep 
during the install as described in Step 3 on page 216. 


* The device is over 20 GB in size. 


A.2.3 Modifying the Installation Settings 


The procedure in this section describes how to use the Create EVMS Based Proposal option in the 
YaST Partitioner to modify the partitioning settings during the install of OES 2 SP2 Linux or later. 


IMPORTANT: The procedure assumes SCSI devices and refers to device node names with the san 
notation. Other device drivers use different notation for device node names. For example, IDE 
drives use the han notation. 





1 Begin the SLES 10 SP3 install for OES 2 SP2 Linux. 
For information, see “Installing OES 2 SP2” on page 39. 


2 When the installation reaches the /nstallations Settings page, select Partitioning to open the 
Partitioner where you can modify the default device setup. 


For example, a default device setup might look like the one below: 


Partitioning 


* Create swap partition /dev/sdal (1.1 GB) 
* Create root partition /dev/sda2 (28.8 GB) with reiserfs 


Installing with EVMS as the Volume Manager of the System Device 


215 


3 Ifthe device is already partitioned, you must remove some or all of the partitions before you 
use the EVMS based partitioning proposal. 


3a On the Suggested Partitioning page under Partitioning, select Create Custom Partition 
Setup. 


—Partitioning 





) Accept Proposal 
Base Partition Setup on This Proposal 
@) Create Custom Partition Setup 


Create LVM Based Proposal 








Create EVMS Based Proposal 





3b On the Preparing Hard Disk: Step 1 page, select the disk, then click Next. 


-Hard Disk 





@ 1: 1.SCSI, 24.9 GB, /dev/sda, VMware,-VMware Virtual S 


Custom Partitioning (for experts) 





3c On the Preparing Hard Disk: Step 2 page under Disk Areas to Use, do one of the following 
to specify which partitions can be deleted: 


WARNING: The data on the deleted partitions will no longer be available. 





* Keep One or More Partitions: Select only those partitions that can be deleted; 
deselect (clear the check box) the partitions that you want to keep. 


Disk Areas to Use 
to Install SUSE Linux Enterprise Server 10 SP3 


Use entire hard disk 





x 
x 


70.5 MB, Linux native (/dev/sdal) 
14.9 GB, Linux LVM (/dev/sda2) 

3.1 GB, Novell NetWare (/dev/sda3) 
6.8 GB, unassigned 


I> lw IN ie 


This allows you to keep partitions that you want to keep if they have data on them, 
and you don’t want them to be deleted. This is very important if the disk was used 
previously, and has an NSS partition with pools that you want to keep. 


216 OES 2 SP2: Installation Guide 


* Remove All Partitions: Click the button to use the Entire Disk. All of the partitions 
on the disk are selected for deletion. 


Disk Areas to Use 
to Install SUSE Linux Enterprise Server 10 SP3 





| Use entire hard disk | 





[x] 1: 70.5 MB, Linux native (/dev/sdal) 
X] 2: 14.9 GB, Linux LVM (/dev/sda2) 

DM 3: 3.1 GB, Novell NetWare (/dev/sda3) 
[x] 4: 6.8 GB, unassigned 


3d On the Preparing Hard Disk: Step 2 page under Proposal type, select Create an EVMS 
Based Proposal. 





Proposal type 
| | Propose Separate Home Partition 


LU Create LVM Based Proposal 
[X] Create EVMS Based Proposal 





3e Skip ahead to Step 5. 


4 Ifthe device is unpartitioned, on the Suggested Partitioning page under Partitioning, select 
Create EVMS Based Proposal. 


Suggested Partitioning 








* Create swap partition /dev/sdal (1.1 GB) 
* Create root partition /dev/sda2 (28.8 GB) with reiserfs 








Partitioning 





(_) Accept Proposal 

©) Base Partition Setup on This Proposal 
(©) Create Custom Partition Setup 

(_) Create LVM Based Proposal 

(@) Create EVMS Based Proposal 








5 Click Next to create the default EVMS-based partitioning scheme. 
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This deletes the LVM2 proposed partitions and the related partition table on the disk. It replaces 
it with the EVMS proposed partitions and setup described in Section A.2.1, “Understanding the 
EVMS Based Partitioning Scheme,” on page 214. 


On the Installation Settings page, the new EVMS partitioning scheme is displayed. 


Partitioning 
* Create boot partition /dev/sdal (70.5 MB) with ext2 
* Create partition /dev/sda2 (14.9 GB) with id=BE 
* Create container lvm2/system from /dev/sda2 
* Create EVMS volume /dev/evms/lvm2/system/root (10.0 GB) for / with reiserfs 
* Create swap EVMS volume /dev/evms/lvm2/system/swap (1.1 GB) 


6 Modify the software settings to install NSS. 





IMPORTANT: This step describes essential services for NSS. You can optionally install other 
OES 2 services on the same server. 





6a On the Installations Settings page, click Software to go to the Software Selections and 
System Tasks page. 


6b Select Novell Storage Services from the available OES Services options. 


Novell Distributed File Services is part of NSS, so it is automatically installed whenever 
you install NSS. When you select Novell Storage Services, the following additional OES 
services are automatically selected: 


* Novell Backup / Storage Management Services™ 
* Novell eDirectory™ 

* Novell Linux User Management 

+ 


Novell NCP™ Server / Dynamic Storage Technology 





This dialog allows you [a] 
to define this system's 
tasks and what 

software to install. r= — 
Available tasks and | []] High Availability +] > 
software for this ha Documentation > 
system are shown by | 

category in the left 

column. To view a | 
description for an 

item, selectitinthe 


Software Selection and System Tasks 











LJ 


Novell Storage Services 
(NSS) 








Novell AFP 








Novell Archive and Version Ser. 





list. 


|) Novell Backup / Storage Manag 























The Novell Storage Services (NSS) file system provides 


Novell CIFS many unique and powertul file system capabilities. It is 
| especially suited for managing file services for thousands 
pia = Fi Si | LJ Novell Cluster Services (NCS) of users in an organization. It also includes Novell 
an sem eee Novell DHCP Distributed File Services for NSS volumes. 
status icon or | 
| [J Novell NS 


right-click any icon for 
a context menu. With 
the context menu, you 
can also change the 
status of all items. 


Details opens the 
detailed software 
package selection 
where you can view 
and select individual 











Novell Domain Services for Win. 
|p Novell eDirectory 


| Novell FTP 
| 














Novell iFolder 








| Novell iManager 








Novell iPrint 





ph Novell Linux User Management 
zi Novell NCP Server/ Dynamic St 
































Unique features include: Visibility, Trustee Access control 
model, multiple simultaneous namespace support, native 
Unicode, User and Directory quotas, rich file attributes, 
multiple data stream support, eventfile lists, and a file 
salvage subsystem 


NSS volumes are cross-compatible between kemels. You 
can mount a non-encrypted NSS data volume on either the 
Linux or NetWare kernel and move it between them. Ina 
clustered SAN, volumes can fail over between kernels, 
allowing for full data and file system feature preservation 





























software packages, Novell NetStorage when migrating data to Linux fa] 
The disk usage | [O Novell Pre-migration Server E) 
display in the lower | []] Novell QuickFinder 
right corner shows the p% Novell Remote Manager (NRM) Name |Disk Usage | Used |Free |Total | 
Femalningidisk space | [] Novell Samba 1 14% 15 GB 9.3 GB 10.8 GB 
after all requested 
changes will have Novell Storage Services (NSS) B 
been performed. Hard = i 
disk partitionsthatare > 
full or nearly fullcan = Details... 
denrade svstem z 
Cancel Accept | 


6c Optionally select Novell iManager to be installed on the server. 





You must install iManager somewhere in the same tree as the server. If you install 
iManager and NSS on the same server, the storage-related plug-ins are automatically 


installed. 
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If you install iManager on a different server, make sure you install the storage-related 
plug-ins that you need to manage NSS file system and services. For information about 
installing storage-related plug-ins on an existing server, see “Novell iManager and 
Storage-Related Plug-Ins” in the OES 2 SP2: NSS File System Administration Guide. 


6d Click Accept to return to the Installation Settings page. 


Licensing dialog boxes might open where you are prompted to accept proprietary modules 
being installed. 


D Installation Settings 





Click any headline to make changes or use the "Change..." menu below. 


Overview | Expert 


Keyboard Layout 
* English (US) 


Partitioning 


* Create boot partition /dev/sdal (70.5 MB) with ext2 

* Create partition /dev/sda2 (14.9 GB) with id=8E 

* Create container lvm2/system from /dev/sda2 

* Create EVMS volume /dev/evms/lvm2/system/root (10.0 GB) for/ with reiserfs 
* Create swap EVMS volume /dev/evms/lvm2/system/swap (1.1 GB) 


Software 


* SUSE Linux Enterprise Server 10 SP3 

* Novell Open Enterprise Server 2 SP2 

* + Novell NCP Server/ Dynamic Storage Technology 
* + Print Server 

* + Server Base System 

* + Novell AppArmor 

+ + Novell Backup / Storage Management Services (SMS) 
* + Novell Remote Manager (NRM) 

* + Documentation 

* + GNOME Desktop Environment for Server 

* + X Window System 

* + Novell iManager 

* + Novell Storage Services (NSS) 

* + Novell eDirectory 














7 Continue with the OES 2 installation. 


Refer to the product documentation for information about configuring OES Services that are 


being installed. For general information about the install, see “Installing OES 2 SP2” on 
page 39. 


A.3 Using EVMS to Manage Devices 


You can use the free space on the system device for NSS or Linux POSIX file systems. Consider the 
guidelines below when working with EVMS-managed devices. 


* Section A.3.1, “NSS File Systems on EVMS-Managed Devices,” on page 219 
* Section A.3.2, “Linux POSIX File Systems on EVMS-Managed Devices,” on page 220 


A.3.1 NSS File Systems on EVMS-Managed Devices 


Use only NSS tools (such as NSSMU and the Storage plug-in to iManager) to create a pool on a new 
EVMS-managed device. The tools automatically carve out a partition with the DOS Segment 
Manager so that the device can be used later for either NSS or Linux POSIX file systems. Then it 
adds the NetWare Segment Manager and creates the NSS partition and pool. 
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For the best performance, if you plan to use a non-system device for both NSS and Linux POSIX 
file systems, create the NSS file systems on the device first. NSS partitions the device in a manner 
that ensures the best performance for the NSS file systems, and does not adversely affect 
performance for Linux POSIX file systems. 


For instructions for creating pools and volumes, see the “Managing NSS Pools” and “Managing 
NSS Volumes” in the OES 2 SP2: NSS File System Administration Guide. 


A.3.2 Linux POSIX File Systems on EVMS-Managed Devices 


Use the Linux EVMSGUI tool (evmsgui) to create Linux POSIX file systems on the EVMS- 
managed device. For EVMS-managed devices, Linux POSIX file systems require that the Linux 
partitions be managed by the DOS Segment Manager (DOSSegMgr). This will be laid down 
automatically if you create an NSS file system on the device first. 





WARNING: EVMS administration utilities (evms, evmsgui, and evmsn) should not be running 
when they are not being used. EVMS utilities lock the EVMS engine, which prevents other EVMS- 
related actions from being performed. This affects both NSS and Linux POSIX volume actions. 


NSS and Linux POSIX volume cluster resources should not be migrated while any of the EVMS 
administration utilities are running. 





Consider the following guidelines when working with evmsgui to create a Linux POSIX partition: 


Scenario To create the Linux partition in evmsgui: 


Free space is controlled by the Create the Linux partition as usual. 
DOS Segment Manager. 





Disk is not initialized. 1. Select No at the prompt to initialize. 


On a pure SLES system (no NSS), ignore this step. 
2. Delete the disk object from the Volumes tab. 
3. Add the DOS Segment Manager to the device. 


4. Create the Linux partition as usual. 





Free space is controlled by the Do one of the following: 


NetWare Segment Manager. 
+ Ifno partitions are on the device, remove the NetWare Segment 


Manager from the device, add the DOS Segment Manager, then 
create the partition as usual. 





WARNING: Changing the segment manager initializes the disk 
again (destroys existing data), so you only want to do this with 
disks that have no partitions on it, or if you do not want any of 
the partitions that are currently on the disk. 





+ If partitions exist, reboot the server to automatically give control 
of the device back to the DOS Segment Manager, then create 
the partition as usual. 
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If no partitions are on the device, do the following to add a DOS Segment Manager to a non- 
clustered device: 
1 Loginas the root user, open a terminal console, then enter 
evmsgui 
2 Ifnecessary, remove the NetWare Segment Manager: 
2a Click the Disks tab, then locate and select the device, such as device sdb. 
2b Right-click, then select Remove segment manager from Object. 
This option appears only if there is an existing segment manager for the selected disk. 


2c Select the listed segment manager, click Remove, then click OK. 





WARNING: All data on the selected disk space is destroyed. 





2d Click Save, then click Save again to save your changes. 
3 Add the DOS Segment Manager. 
3a From the evmsgui menu, click Actions > Add > Segment Manager to Storage Object. 


3b On the Add Segment Manager to Storage Object page, choose DOS Segment Manager, 
then click Next. 


3c On the Select Plugin Acceptable Objects page, choose the device where you want to add 
the segment manager, then click Next. 


3d On the Configurable Options page, select the disk type (Linux is the default), click Add, 
then click OK. 


3e Click Save, then click Save again to save your changes. 
4 Create a segment for the DOS Segment Manager. 


The DOS Segment Manager requires you to create a segment before creating an EVMS 
volume. Without a segment, the additional segment manager does not appear when you attempt 
to create an EVMS volume. 


4a From the evmsgui menu, click Actions > Create > Segment. 
4b On the Create Disk Segment page, select DOS Segment Manager, then click Next. 


4c On the Select Plugin Acceptable Objects page, choose device where you want to add the 
segment, then click Next. 


4d Specify the size of the segment, the partition type (such as Linux LVM), click Create, then 
click OK. 


4e Click Save, then click Save again to save your changes. 


For information about adding or changing segment managers when you are clustering a shared 
device with Novell Cluster Services, see “Creating Linux POSIX Volumes on Shared Disks” in the 
OES 2 SP2: Novell Cluster Services 1.8.7 for Linux Administration Guide. 
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| OES 2 SP2 File and Data Locations 


This section contains information about the general rules and conventions Novell® follows when 
determining where various data types and program components are stored on the Linux file system. 


Where possible, we have tried to ensure that OES 2 SP2 components follow Linux Standard Base 
(LSB) requirements regarding file location. Efforts to do this are detailed here. 


* Section B.1, “General Rules,” on page 223 
¢ Section B.2, “Exceptions,” on page 224 


B.1 General Rules 


Where possible, product design has followed these rules: 
¢ /opt/novell: Contains all static data in the following standard subdirectories. 
/opt/novell/bin Executable files that are used by multiple products or are 
intended to be executed by an end user. 


/opt/novell/product/sbin Executable files that are used only by a product and are 
not executed by an end user. 


/opt/novell/lib Shared libraries that are used by multiple products and 
shared or static libraries that are part of an SDK. 

/opt/novell/include Header files for SDKs, typically in a product subdirectory. 

/opt/novell/oes install The OES installation and uninstallation code. 


* /etc/opt/novell: Generally contains host-specific configuration data. 
If a product has a single configuration file, it is named product or service.conf. 


If a product uses multiple configuration files, they are placed in a subdirectory named for the 
product or service. 


+ /etc/opt/novell/service_ name: Contains various OES service configuration files. 
¢ /var/opt/novell: Contains all variable data. 


Variable data (data that changes during normal run time operations) is stored in a product or 
service subdirectory. 


* /var/opt/novell/log: Generally contains log files. 
If a product or service has a single log file, it is stored in a file with the product or service name. 


If a product or service has multiple log files, they are stored in a subdirectory named for the 
product or service. 


¢ All files and directories that could not follow the above rules have the prefix novell- where 
possible. 
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| B.2 Exceptions 


Some files must reside in nonstandard locations for their products to function correctly. Two 
examples are init scripts, which must be in /etc/init.d, and cron scripts, which must be in /etc/ 
cron.d. When possible, these files have a novell- prefix. 


When standard conventions preclude the use of prefixes (for example in the case of PAM modules, 
which use suffixes instead of prefixes), the standard conventions are followed. 
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Setting Up an Installation Source 
on NetWare 


Complete the instructions that follow to set up an Novell® Open Enterprise Server (OES) 2 
installation source on an existing NetWare® 6.5 server. 

¢ Section C.1, “Prerequisites,” on page 225 

* Section C.2, “Copy the Files and Mount Them as NSS Volumes,” on page 226 

* Section C.3, “Create the Boot CDs,” on page 227 


C.1 Prerequisites 


You need the following: 
O A NetWare 6.5 server accessible on the network where you plan to install the OES 2 SP2 
servers with the following: 
+ 6 GB free disk space on the server 
* The Apache Web Server for NetWare installed and running 
O The following ISO image files from Novell: 


These will set up installation sources for both 1386 (32-bit) and x86_64 (64-bit) servers. If you 
plan to install only one of the platforms, then you need only the images associated with that 




















platform. 

Image File Purpose 

SLES-10-SP3-CD-i386-GM-CD1l.iso Boot CD for i386 (32-bit) SLES 10 SP3 installations 
SLES-10-SP3-CD-x86_64-GM- Boot CD for x86_64 (64-bit) SLES 10 SP3 installations 
CD1l.iso 

SLES-10-SP3-DVD-i386-GM- Install source for i386 (32-bit) SLES 10 SP3 
DVD1.iso 

SLES-10-SP3-DVD-x86_64-GM- Install source for x86_64 (64-bit) SLES 10 SP3 
DVD1.iso 

0ES2-SP2-i386-CD1.iso Install source for i386 (32-bit) OES 2 SP2 services 
OES2-SP2-x86 64-CD1.iso Install source for x86_64 (64-bit) OES 2 SP2 services 


For information on downloading these image files, see the Novell Open Enterprise Server 2 
Download Instructions (http://www.novell.com/documentation/oes2/esd/di_oes2_sp2.html). 
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C.2 Copy the Files and Mount Them as NSS 
Volumes 


The following instructions create unrestricted access to OES 2 SP2 installation files on a NetWare 
server on your network. Restricting access to the installation files requires additional configuration 
through Apache Manager or manual editing of the Apache configuration files. 


For more information on restricting access, see information about the Options, Order, Deny, Allow, 
and other directives on the Apache.org Web Site (http://httpd.apache.org/docs-2.0/mod/ 
directives.html). 


To provide unrestricted access to the OES 2 SP2 image files, do the following: 


1 Create a directory at the root of a server volume with at least 6 GB of free disk space. 





For example, you might create a directory named 0ES2 INSTALL in a volume named TOOLS. 


2 Restrict access to the directory to only those administrators who copy image files to the 
directory. 


This is important because if someone attempts to access these files after they are mounted as 
NSS volumes, the volumes are immediately dismounted and no longer available. 


3 Copy the DVD image files listed in “Prerequisites” on page 225 to the directory you just 
created. 


4 Atthe server console, mount each image file as an NSS volume. 


4a Enter the following command: 





nss /MountImageVolume=volume:directory/filename.iso 


where volume is the NSS volume name, directory is the directory you created in Step 1, 
and filename is the name of the ISO file. 


Continuing the example, you might enter the following: 





nss /MountImageVolume=TOOLS:0ES2_INSTALL/SLES-10-SP2-1386-DVD1.iso 





4b Note the assigned volume name. 


For the first SLES DVD you mount (either 32-bit or 64-bit), the name is SLES10SP_001, 
which is the actual volume name in the image file. For the second image you mount, the 
assigned name is CD_ followed by a four-digit number, starting with 0000. 





The same principle applies to the OES 2 SP2 image files. The first file mounted is the 
actual OES 2 SP2 volume name, but the second image is assigned a CD_xxxx name. 


Knowing which volume is for which platform is critical as you create an access URL to 
the volume in Apache Manager. 


5 Ina supported browser, start Apache Manager by entering the following URL: 
https://server_ip_address:2200/apacheadmin/login.jsp 

Replace server_ip_address with the IP address of the NetWare server. 

Log in as the Admin user or a user with administrative rights to the Apache server. 
Click the Content Manager icon. 


Click Additional Document Directories. 


o ON CO 


In the URL Prefix field, specify an alias name you want people to use to access one of the 
mounted volumes. 
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For example, if you are mounting the volume with the SLES 10 1386 installation files, you 
might name the alias, sles10sp1-i386. 


10 Click the Search icon next to the File Path field. 
11 Click the volume name that matches the alias name you specified in Step 9, then click Finish. 


For example, if CD 0001 is the volume name that NetWare assigned to ISO image of the SLES 
10 i386 installation source, then you would click CD_0001. 


12 Click Save > Save and Apply > OK. 
The path to the volume is added as an additional document. 


13 Repeat from Step 9 for the other three volumes. 


All of the ISO files are now available for access through the Apache Web Server running on the 
NetWare server. 


C.3 Create the Boot CDs 


See Section 3.2.2, “Preparing Physical Media for a New Server Installation or an Upgrade,” on 
page 42. 
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Documentation Updates 


To help you keep current on updates to the documentation, this section contains information on 
content changes that have been made in this guide since publication for the FCS release. 


This document is provided on the Web in HTML and PDF, and is kept up to date with the 
documentation changes listed in this section. If you need to know whether a copy of the PDF 
documentation you are using is the most recent, check its publication date on the title page. 


November 2009 
Section Change 
Section 2.4, “eDirectory Rights Needed for Reworked and updated information. 


Installing OES,” on page 18 





Section 2.5, “Installing OES As a Subcontainer Reworked and updated information. 
Administrator,” on page 19 


Section 5.4.5, “Upgrading Using the Patch Channel New section. 
(Online),” on page 122 


Chapter 12, “Upgrading NetWare on a Xen-based New section moved from the NetWare Installation 
VM,” on page 207 Guide. 


Appendix A, “Installing with EVMS as the Volume Removed manual EVMS instructions. 
Manager of the System Device,” on page 213 
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